Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Stefan Weinzierl
July 23, 2004, 9:39 pm
rate this thread
developed a specific system of encrypted partitions and containers.
(Personal Linux Security-System; PLiSS)
The encrypted file-*containers*, e.g. for the files of the home-directory,
were here as well layed down in *partitions* encrypted, too. So you can
mount resp. unmount such file-containers without any loss of security also
while the system is running.
So far, so well. The problem is only that the SuSE-modul for generating such
cryptofiles supports that approach not as yet. So I can't presently
establish my system fully automaticly. For example I have to move the
respective entrys made by OS from the cryptotab to the fstab by hand. But
not enough with that. SuSE 9.1 changes under some conditions (e.g. during
creating a new filecontainer) the respective entrys on its own. But, if the
changed entrys are replaced again by the former entries, the old entries
will not work any more :-(( .
So it happened to me that the original entry in fstab:
was replaced by the following entry
Of course, I unterstand some of the entrys, but for some other I ask you for
your help. So, but now simply one after the other:
/tmp/encrypted_file /home/stefan ext3 /tmp/encrypted_file /home/stefan ext3
*REMARK:* Clear: path to the container, mountpoint, filesystem.
**REMARK:*:* Also clear: entry for acl-extension
*REMARK:* I don't know, what that shall mean. Simply copied. Surely not so
*REMARK:* Algorithm for encryption. By the way, previously SuSE used just
*REMARK:* Apparently SuSE is now binding the particular cryptofilesystems
statically to a specific loop-device, instead of dynamicly like before. So
I've got some problems. Because e.g. /dev/loop0 is in my case always
already occupied by that encrypted partition, on which my file-container
for the home-directory is stored. If I don't mount that partition, I can't
reach my homecontainer anyway. I simply changed the device-assignment. Then
it works. Was that statical binding of loop-devices already possible in
former times, or is that a new feature?PLiSS Cryptofilesystem mit SuSE 9.1?
PLiSS Cryptofilesystem mit SuSE 9.1?
*REMARK:* What, the f.., is that?
*REMARK:* See above.
*REMARK:* Wonderful! How careful! The people of SuSE are apparently of the
opinion that only root should mount a cryptofilesystem, and impose their
point of view on everybody, who don't shares their convictions.
PsyPaM: Neue Hilfsmittel und Methoden zur Benutzeridentifikation-
Stefan Weinzierl; Bambergerstr.31; 96135 Stegraurach
Fon: 0951/2970067; Fax: 0951/2970068
Website: http://www.PsyPaM.com ; E-Mail: Stefan.Weinzierl@PsyPaM.com
- » yahoo messenger sending email message(automatically)
- — Next thread in » General Computer Security