[dm-crypt] u?mount (8) helper script for luks encrypted disks

.. ink .. mhogomchungu at gmail.com
Fri Aug 30 10:24:19 CEST 2013


> > 1. call "blkid" and check the file system on the device,if its present
> and
> > its not "crypto_LUKS",then its a device with a normal file system,just
> > mount it normally.
>
> And i would crash & burn right here. Not all encryption is LUKS!
>
> I use loopAES v3 encryption (a.k.a. lmk3).
>
> i prefer PLAIN type of cryptsetup.The basic idea still stands,encrypted
volumes will cause blkid to return either "crypto_LUKS" or nothing.This is
the easiest way to identify an encrypted volume.

any particular reason why you prefer loopAES over plain type of cryptsetup?

There are zero identifiable features in a file or block-device that is
> loopAES (any version) encrypted. Just like plain encryption. And if i
> understood it correctly, this is also true for e.g. a Truecrypt
> container.
>
> yap,truecrypt works the same way.

And my personal model has also a splash of special-sauce. My "whole
> disc" encryption is from sector 8 until the end of device. So i can put
> a dummy-MBR on each HDD in which i can stamp the name. This name in turn
> is used in a udev-rule to create a symlink that identifies the connected
> HDD. And last but not least, there is the matching autofs configuration,
> so i can just cd /misc/<name> after connecting the corresponding HDD.
>
>
why dont you use udev links created in "/dev/disk/by-id/" to access your
HDD? it seem like
you are doing something udev is already doing and wasting a bit of space in
the process.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20130830/82b884e5/attachment.html>


More information about the dm-crypt mailing list