Ilkka Tuohela
hile at nixu.com
Sun Nov 6 10:54:24 CST 2005
OK, now I have first version of a separate hook package for initramfs to
support mounting cryptsetup encrypted root filesystem. See
http://ner.dy.fi/deb/
It's first working draft version, with following known problems:
o cryptsetup over LVM not tested at all: might work, at least I tried
to implement it
o Not sure about the modules I add to the system: I try to modprobe
aes-i586 aes blowfish during setup, but what really should be done
here? What about other architectures, I should probably check if
aes-$arch can be used but... well, have to look at it more
o If you don't use LUKS the 'ask passphrase again if invalid' loop
is broken. I should use fstype to detect if it's valid etc., but
I'm not sure what fstype returns: in addition I think we all should
really use LUKS formatted root partition ;)
Minor issues:
o A couple of useless warning about /dev/cdrom (no idea if this comes
from some another script actually
o during boot I get a lot of 'dm-linear: Device lookup failed' errors,
might be unrelated to this as well (I'm booting 2.6.14 custom kernel)
So, when this package gets more mature how does it end up to ubuntu and
debian? I'm not official package maintainer for either.
The package must go to universe as long as cryptsetup is there: another
wish is that cryptsetup would actually move to main before dapper
release.
*hile*
More information about the ubuntu-devel
mailing list