Search:  
Gentoo Wiki

TIP_Run_cryptsetup_from_xdm

Contents

Introduction

One thing which really annoys me is that I have to go to my PC twice during bootup: One time to enter the passphrase for cryptsetup-luks (which protects my /home partition) and another time to enter my login and password.

So I wrote a tool, which allows users to move the mount process into xdm, kdm or gdm.

Warning: You can not use this tip for encrypted root partitions as it requires an open X11 server to work.
Tip: If you prefer to have an own encrypted partition for each user you might want to use pam_mount instead.

Installation

There is no ebuild yet due to a bug in portage, so you will have to install this manually. Sorry for that.

You will need the following packages for this to work:

Remove old configuration

I assume that you already created an encrypted partition for your /home directory. You will have to remove or comment the old crypt/mount configuration from the init scripts:

File: /etc/conf.d/cryptfs
# Remove the following lines:
mount=home-crypt
source=/dev/hda4
type=luks
 
File: /etc/fstab
# Remove the following line:
/dev/mapper/home-crypt  /home   #...
 

Install the new tool

Download the tool from this URL. Use the following commands to install it:

Code: Install
$ tar xjf gcryptmount-0.1.tar.bz2 
$ cd gcryptmount-0.1/
$ make setup
 

This will kind of screw up your nice clean system, so you might prefer a manual installation. make setup will do the following:

Except for the latter make uninstall will undo those steps.

Edit the configuration file in /etc/gcryptmount.conf to complete the installation.

After the next reboot you should receive a dialog box asking you for your passphrase either after or before logging in.

Retrieved from "http://www.gentoo-wiki.info/XDM/Run_cryptsetup"

Last modified: Sun, 07 Sep 2008 09:28:00 +0000 Hits: 4,372