[dm-crypt] Truecrypt system partition support

Jan Janssen medhefgo at web.de
Fri Jun 21 15:58:58 CEST 2013


On Thursday 20 June 2013 18:50:10 Milan Broz wrote:
> Hi,
> 
> well, you are probably the first real user I know about who tried system
> encryption truecrypt mapping :) So it is quite possible there are some
> problems.

That's probably because it's not well advertised. I found out about it by
accident and wanted to give it a try.

> Please can you describe exactly you configuration (I think I understand the
> problem but exact description could be better.)
> Why is main device used? Mapped/mounted other partition or something else?
> Should be easy to fix I think (we have already --shared option for plain
> mode).
> 
> (If you are able to map it with normal truecrypt in Linux, output of lsblk
> with encryption mapping active should be enough for me.)
> 
> Thanks,
> Milan

It's a simple single drive layout with a boot, windows and arch patition:
NAME           FSTYPE      LABEL   UUID                                 MOUNTPOINT
sda                                                                     
├─sda1         ext4        Boot    bdf8d95e-3a5a-4944-aff1-5ce8107ee679 /boot
├─sda2                                                                  
│ └─truecrypt1 ntfs        Windows 72682F78682F39ED                     /mnt/windows
└─sda3         crypto_LUKS         d998f50f-c40b-4d53-b683-90bd30da1272 
  └─system     ext4        Arch    52b8c62b-23df-4b07-875b-16da3cb0cb91 /

Also, it took me a while to figure out (thanks to the manpage) that you have
to use /dev/sda to open in system mode. It would be useful if cryptsetup
could either figure out where to look for its offset from /dev/sda2 like
the "real" truecrypt does or at least give a hint that in system mode the
drive should be used instead of the partition. Or maybe give the drive
to the system option like this:
    sudo cryptsetup --tcrypt-system=/dev/sda tcryptDump /dev/sda2

Jan


More information about the dm-crypt mailing list