Re: luks testing and source deb pkg

[James M. Leddy]

On 11/02/2011 01:59 PM, Lukas Anzinger wrote:
> Hi,
>
> I'm currently also trying to use to the luks code from trunk by using
> a modified Debian package and the latest source from the Bazaar
> repository.

Please let me know where I can find this tree so that I can test myself. 
Additionally, if you know if it should "just work" to just install the 
Debian version to Ubuntu, please let me know. I'm a recent convert from 
Fedora so a lot of this is new to me.

> However after entering the password, the grub menu doesn't show up and
> it states that the password is incorrect. I used 12345 which is
> obviously very hard to misspell repeatedly. I then tried to insert the
> master password from the LUKS partition directly into the source code
> and luckily succeeded with that! I'll post the snippet and my
> modifications to the package tomorrow if someone is interested. Since
> there is practically no information about this in the internet, I'll
> probably write a tutorial on how to do a full system encryption
> "TrueCrypt style" (i.e. with an encrypted /boot partition).

Expect one from me as well @ jmleddy.wordpress.com
> So my question is, James, how did you create your encrypted partition
> and what file system did you use?
>
> I always use "cryptsetup luksFormat /dev/sda1" (on Debian Sid) which
> uses aes-cbc-essiv as a default value AFAIK and ext3.

That's exactly what I did, except with ext4. The file system shouldn't 
matter in evaluating the password. From dmsetup table:

aes-cbc-essiv:sha256

> Could you also append your tared "debian" folder which generates the
> grub package(s)?

Sure thing when I have a little more time.

> Regards,
>
> Lukas
>
> On Tue, Nov 1, 2011 at 23:56, James M. Leddy<address@hidden>  wrote:
> > Hi,
> >
> > I've successfully tested the luks code in ubuntu using a modified grub2
> > package. You can test yourself if you're already using crypted root and
> > separate /boot by rsying the /boot dev to the root filesyste, removing the
> > /etc/fstab entry, and running:
> >
> > # GRUB_CRYPTODISK_ENABLE=y grub-install --debug --modules=configfile
> > --modules=gcry_sha1 --modules=gcry_sha256 --modules=fshelp
> > --modules=biosdisk --modules=part_msdos --modules=linux --modules=ext2
> > --modules=help --modules=minicmd --modules=crypto --modules=cryptodisk
> > --modules=gcry_rijndael --modules=luks /dev/sda
> > # GRUB_CRYPTODISK_ENABLE=y update-grub
> >
> >
> > The merged source is available here:
> >
> > https://code.launchpad.net/~jm-leddy/+junk/grub-luks
> >
> > just do a :
> >
> >    $ bzr branch lp:~jm-leddy/+junk/grub-luks
> >    $ cd grub-luks
> > $ bzr builddeb
> >
> > _______________________________________________
> > Grub-devel mailing list
> > address@hidden
> > https://lists.gnu.org/mailman/listinfo/grub-devel
>
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/grub-devel