LiveCD to include sha256 support?
PGF Junk Mail Account
JunkMail at petergfrazier.com
Fri Feb 23 12:43:57 PST 2007
I am relatively unfamiliar with enabling sha256; I believe that sha256 has
to be build into the kernel. Once it is present in the .../kernel/crypto
dir LUKS partitions will be able to be formatted (with the essiv option)
and/or opened directly from the liveCD...
Setting up encrypted partitions is pretty straight forward with LUKS...
google them, download the tar, compile.... should be ready to go...
Issue commands like:
dd if=/dev/urandom of=/dev/sdcX bs=1
then [after eight or so days...] [dd is optional for testing purposes]
cryptsetup --verbose --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat
[it is the "aes-cbc-essiv:sha256" command that necessitates the need for
sha256 support in the liveCD]
cryptsetp luksOpen /dev/sdcX sdcx
[without sha256 support in the liveCD, this command will also fail]
mount -t xfs -o nobarrier /dev/mapper/sdcX /mnt/sdcX
the "nobarrier" command helps if you are using it on a hw array, otherwise
you shouldn't need it.
...mess around with it... anything you write to it is encrypted. If this
doesn't do it for you (maybe typing in a pass phrase every time is boring...
who knows) then you can easily use a secondary storage device (ie USB key)
to hold the access key... setting that up is easy, but the directions on
the luks wiki are misleading...
As is already known dd and luksFormat [in the above example] are destructive
commands; they will destroy data on sdcX.
Let me know if you need more info...
From: livecd-bounces at linuxfromscratch.org
[mailto:livecd-bounces at linuxfromscratch.org] On Behalf Of Alexander E.
Sent: Thursday, February 22, 2007 0 37
To: Development of LFS LiveCD
Subject: Re: LiveCD to include sha256 support?
PGF Junk Mail Account wrote:
> I am very interested in seeing sha256 support in the LFS livecd...
Then please give me a pointer how to implement and test it. I have never
used encrypted storage before.
Also note that this feature will be available only in the 6.2 series of the
LiveCD, not 6.3-pre. In order to be able to update the kernel to 220.127.116.11
(as the LFS SVN book demands), I have to drop all patches (reiser4 and
Alexander E. Patrakov
Unsubscribe: See the above information page
More information about the livecd