You are not logged in.

#1 2009-01-29 21:34:42

txemarix
Member
Registered: 2009-01-26
Posts: 3

booting ext4 LUKS crypted?

Hello everyone.

  My apologies for my poor English, I used google Language Tools to write this post.

   I am a happy ArchLinux user on my laptop from a year ago. So far I have not had any problem that has not been solved thanks to the wiki or google.

   I'm experiencing (on a copy on a USB external hard drive) with the new format ext4.

   Everything works fine with both grub and grub2, but when I use encryption with LUKS on root partition formatted in ext4, both are unable to recognize it: the boot process is not requesting the passphrase.

   Is this feature implemented in the boot?

   I've searched the forum and can not find anything.

   Any help is welcome.

Offline

#2 2009-01-29 23:21:40

mcover
Member
From: Germany
Registered: 2007-01-25
Posts: 134

Re: booting ext4 LUKS crypted?

How is your setup? Do you have an unencrypted boot-partition? From what I understand (and from my experiences with LUKS) you should at least be prompted for a passphrase. After all, as long as its still encrypted, nobody knows whats on your root partition (be it ext4 or whatever else - or am I missing something here?).

http://wiki.archlinux.org/index.php/LUKS

Offline

#3 2009-01-30 09:58:08

Dieter@be
Forum Fellow
From: Belgium
Registered: 2006-11-05
Posts: 2,000
Website

Re: booting ext4 LUKS crypted?

what mcover said.

you must have something like this in /etc/mkinitcpio.conf: HOOKS="(...) encrypt filesystems"
then run mkinitcpio to rebuild your initcpio's, and reboot. then it should ask for the password


< Daenyth> and he works prolifically
4 8 15 16 23 42

Offline

#4 2009-01-30 17:21:49

txemarix
Member
Registered: 2009-01-26
Posts: 3

Re: booting ext4 LUKS crypted?

These are my configuration files:

$ uname -a
Linux Hostname 2.6.28-ARCH #1 SMP PREEMPT Sun Jan 25 09:43:53 UTC 2009 x86_64 Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz GenuineIntel GNU/Linux

# mkinitcpio.conf
$ cat /etc/mkinitcpio.conf | grep -i ^modules\=
MODULES="pata_acpi ata_generic scsi_mod ata_piix sd_mod mmc_core mmc_block sdhci sdhci_pci ricoh_mmc nls_cp437 vfat ext2 ext3 ext4"
$ cat /etc/mkinitcpio.conf | grep -i ^hooks\=
HOOKS="base udev autodetect pata scsi sata usb keymap encrypt resume filesystems"

$ fdisk -l /dev/sdb
Disco /dev/sdb: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cilindros of 16065 * 512 = 8225280 bytes
Disk identifier: 0x7c8cc300
Disposit. Inicio    Comienzo      Fin      Bloques  Id  Sistema
/dev/sdb1   *           1       12768   102558928+   7  HPFS/NTFS
/dev/sdb2           12769       12773       40162+  83  Linux
/dev/sdb3           12774       19301    52436160   83  Linux
/dev/sdb4           19302       60801   333348750   83  Linux
$ /usr/lib/klibc/bin/fstype /dev/sdb2
FSTYPE=ext3
FSSIZE=41123840
$ /usr/lib/klibc/bin/fstype /dev/sdb3
FSTYPE=ext4
FSSIZE=53694627840
$ /usr/lib/klibc/bin/fstype /dev/sdb4
FSTYPE=luks
FSSIZE=0

$ cryptsetup luksDump /dev/sdb4
LUKS header information for /dev/sdb4
Version:       	1
Cipher name:   	aes
Cipher mode:   	xts-plain
Hash spec:     	sha1
Payload offset:	4040
MK bits:       	512
MK digest:     	.. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. 
MK salt:       	.. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. 
              	.. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. 
MK iterations: 	10
UUID:          	c2.b.e.e-2..1-4.7.-..f.-6.6.4...6..2
Key Slot 0: ENABLED
	Iterations:         	1.6.6.
	Salt:               	.. .. .. .. .. .. .. .. 5e .. .. .. .. .. 10 .. 
	                      	c3 .. .. .. 65 .. .. .. .. .. 0a .. .. .. .. .. 
	Key material offset:	8
	AF stripes:            	4000
$ sudo cryptsetup luksOpen /dev/sdb4 cifrado
Enter LUKS passphrase: 
key slot 0 unlocked.
$ sudo  fsck.ext4 /dev/mapper/cifrado 
e2fsck 1.41.3 (12-Oct-2008)
Cifrado: limpio, 328610/20840448 ficheros, 12515103/83336682 bloques


# GRUB 
$ cat /media/BootIomega/grub/menu.lst | grep -i -A6 \#\ \(4\)
# (4) Arch Linux
title  Arch Linux
root   (hd0,2)
kernel /vmlinuz26 root=/dev/sdb2 ro
initrd /kernel26.img

#GRUB2
$ cat /media/BootIomega/grub/grub.cfg | grep -i -A6 \#\ \(2\)
# (2) Arch Linux
menuentry "Arch Linux luks" {
set root=(hd0,2)
linux /vmlinuz26 root=/dev/sdb4 ro
initrd /kernel26.img
}

"mkinitcpio -g /media/BootIomega/kernel26.img"  and "grub-install --recheck /dev/sda" or  "grub-install /dev/sda" did not report any error, but I keep getting a "kernel panic" without asking me for the passphrase

2019/11/12 Edit for privacy reasons.

Last edited by txemarix (2019-10-12 17:15:50)

Offline

Board footer

Powered by FluxBB