[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Loop-AES 1.6f and gpg encrypted root trouble
Hi folks,
I'm having difficulties in booting with a GPG encrypted root partition, here is the relevant part of my dmesg:
>RAMDISK: Compressed image found at block 0
>Freeing initrd memory: 2k freed
>VFS: Mounted root (minix filesystem) readonly.
>Mounted devfs on /dev
>Freeing unused kernel memory: 260k freed
>Mounting /dev/hda1 as /lib failed
>flushing ide devices: hda hdc
>System halted.
- The corresponding section in build-initrd.sh seems to be:
/* this intentionally mounts /boot partition as /lib */
if (mount("${BOOTDEV}", "/lib", "${BOOTTYPE}", MS_MGC_VAL | MS_RDONLY, 0)) {
wrStr("Mounting ${BOOTDEV} as /lib failed\n");
goto fail4;
}
I've used the updated build-initrd.sh together with the util-linux patches for util-linux-2.11t
from http://loop-aes.sourceforge.net/updates/2002-07-17/.
build-initrd.sh has:
BOOTDEV=/dev/hda1
BOOTTYPE=ext2
CRYPTROOT=/dev/hda2
ROOTTYPE=xfs
USEGPGKEY=1
GPGKEYFILE=rootkey.gpg
USEMODULE=1
USEPIVOT=1
INITRDONLY=0
SOURCEROOT=
DESTINATIONROOT=
DESTINATIONPREFIX=/boot
USEDEVFS=1
The root partition hda2 is using XFS fs, and is encrypted using AES256 from a separate partition on the same HD using:
#losetup -e AES256 -K /root/rootkey.gpg /dev/loop2 /dev/hda2
#dd if=/dev/hda2 of=/dev/loop2 bs=64k conv=notrunc
So far i've tried different settings in build-initrd.sh, USEPIVOT=0 etc, but nothing seems to work, so i'm getting pretty desperate :) Any tips or tricks would be greatly appreciated.
Best regards,
Micke
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/