1

Mounting a luks encrypted device from Places

view story
linux-howto

http://forums.fedoraforum.org – Hello, I have a luks encrypted device that I mount on demand by clicking on it in the places menu (yes I am using Gnome fallback mode). In Fedora 16 everything worked fine but in Fedora 17 I am facing two issues. First root password is asked to unlock the luks system. I allowed users to run crytpsetup without password through sudo with no luck. Secondly after the luks device is unmounted it will not mount. I have the correct entry in /etc/fstab including allowing users to mount it. If I open a terminal and enter the mount command it mounts correctly. I'd like to have users being a (HowTos)

unic's picture
Submitted by unic on 09/02/2012

Stories similar to Mounting a luks encrypted device from Places

Hi I have an external 300GB (Toshiba) disk which I encrypted (using cryptsetup luksFormat) and then installed an NTFS filesystem on (need to be able to use it in both Linux and Windows - using FreeOTFE). The disk mounts fine in windows and on my Fedora 10 system it automounts.

I already asked once about LUKS unlocking of multiple HDDs in Linux: LUKS and multiple hard drives.

Now I would like to know how to secure store the keyfile used for the automatic unlock of the associated partitions.

My plan is (if possible):

Encrypt a small USB drive with LUKS that requires a passphrase Unlock it at boot as the first drive by using the passphrase Mount it to a given mount poi

My google-fu is not strong. Can't find answers on this one. Maybe I'm googling the wrong stuff.

Okay, so I just redid the server. Installed it something like this: /dev/sda1, /boot, ext2 (unencrypted) /dev/sda2, /, ext3 on luks (Planning on a swapfile if needed.)

under Ubuntu there are several mount helpers to support easy mounting of encrypted (cryptsetup/luks) removable media such as USB drives. Under Gnome/Unity/XFCE a requester is opend, just enter the password, and everything is going well.

Hi all.

[ update: manually mounting them can now be done if you read all the way though... retaining the entire post as it may help others... BUT root cause is still outstanding in that encrypted disks that automatically setup LVM volumes at boot in F17 will not in F18]

I have been unable to access encrypted LUKS volumes since I used fedup to upgrade to F18.

I have a Debian Linux system (amd64) installed on a RAID-1 system encrypted device (LVM on LUKS) and will have a RAID-6 of >=4 disks where I'll put my data (LUKS and maybe LVM).

I think the basic idea is to unlock the system encrypted partition (at boot at local or via ssh) and to store a keyfile in /etc/crypttab for the RAID-6 encrypted partition. Does that pose a security risk ? I mean ...

#!, Ubuntu, etc. prompt me to enter a password when I insert a LUKS-encrypted USB drive. I formated the drive under Ubuntu and chose to encrypt the device.I am familiar with cryptsetup, etc., but I don't know the parameters required to mount it manually.

Hey there i tryed to mount my dm_crypted device during boot, but it dows not work.

Here is /var/log/boot

This is my crypttab:

<name> <device> <pass> <options> sdb1_crypt /dev/sdb1 none luks,timeout=0 #Swap sda2_crypt /dev/sda2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap #Root sda3_crypt /dev/sda3 none luks,timeout=0

This is my fsta

I have a machine with a brand new install of Fedora 11 with luks encryption. I've added a keyfile to luks and have put that keyfile on a usb stick. I'd like the machine to boot all the way in when it's powered on with the usb stick plugged in.