Linux: use a file as an encrypted partition with cryptsetup

I’ve decided to move my encrypted /home partition from losetup to cryptsetup.
Instead of using a device (a disk partition) i used a 1o GB file and to do this i’ve upgraded cryptsetup to version 1.3.1 since Slackware 13.37 has the 1.2.0 one.
I just compiled the new version using the 1.2.0 SlackBuild, it works.
I’m following the README_CRYPT.TXT Slackware howto.
First, let’s create the crypted file that will “host” our new /home:

dd if=/dev/urandom of=/crypt_home bs=1M count=10000

Now prepare the partition for encryption (choose a good password!):

cryptsetup -s 256 -y luksFormat /crypt_home 

This will overwrite data on /crypt_home irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: 
Verify passphrase:

We’ll call our mapped device “crypthome”, just like in the Slackware howto:

cryptsetup luksOpen /crypt_home crypthome

Create an ext4 filesystem (just for example):

mkfs.ext4 -j /dev/mapper/crypthome

I’ve add in my /etc/rc.d/rc.local:

cryptsetup luksOpen /crypt_home crypthome
mount /dev/mapper/crypthome /home/simplex

That’s all.

Linux: use a file as an encrypted partition with losetup

On my notebook i’ve decided to have a / partition and a cripted home for my user, automagically mounted at boot.
That’s what you need to do, after a fresh Slackware 13.1 installation:

Create the user:

adduser username

then the file to mount as home partition:

dd if=/dev/zero of=/cryptedfile bs=1k count=5000

load the cryptoloop module:

modprobe cryptoloop

Continue reading “Linux: use a file as an encrypted partition with losetup”

Install Slackware 13.0 on Acer Aspire One AO751h

If you have tried to install Slackware on this netbook…
…you know that default installer doesn’t see the hard disk, because the kernel needs support for Intel US15W chipset :/.
But there’s a workaround for us, we need to insert in the kernel the module that allows chipset work properly.
You have to download the pata_sch.ko module from here, or take it from an installed slackware, or download kernel-modules- package and extract the module.
This is what i’ve done: i’ve put the module in one usb key, i’ve created a bootable usb key with default usbboot.img image and i’ve booted with the hugesmp.s kernel.
Now it’s time for the little trick, mount the key with the module (or you can setup the nic card and download it straight from the web), copy the module and insert it in the kernel:
mount /dev/sdb1 /mnt
cp /mnt/pata_sch.ko .
umount /mnt
insmod pata_sch.ko

Now you can see the disk, enjoy your Slackware on Aspire One a751 :)

Slackware doesn’t see the hard drive during installation because there isn’t pata_sch module. This happen again when you try to boot your new installation.
So, after installation, when you press the EXIT button, do not reboot but chroot inside your installed Slackware, with chroot /mnt
Then create a custom mkinitrd with the pata_sch module built-in, with
mkinitrd -c -k -m ext3:pata_sch -f ext3 -r /dev/sdax
Assuming you’re using ext3 and sdax is the / partition, the module should be present in the installation if you’ve installed kernel-modules-smp-
That’s all.
I’ve installed Slackware in an encrypted LVM volume, following the README_CRYPT.TXT guide, except for the mkinitrd command, i’ve used:
mkinitrd -l it -c -k -m ext3:pata_sch -f ext3 -r /dev/cryptvg/root -C /dev/sdxx -L
And i’ve used GRUB instead of LILO, because i’ve installed the bootloader in the /boot partition instead MBR, where there is Truecrypt bootloader for Windows encrypted partition.
If someone have other tips about Slackware on this netbook, feel free to write a comment, thanks.