OpenSUSE Install :: Installation: Specify LUKS Bit Strength
Jul 5, 2011
Is there any way to specify the bit strength for LUKS when one is installing OpenSUSE 11.4? I've tried to find it (because imho 256 bit aes is a bit high for what little i do with my netbook) but I have not. I was going to try to control+alt+F4 to a shell and create the partition setup and create the LUKS container and see if that works but in the past, trying that doesn't work either because 1) the installer doesn't ask for the LUKS password or 2) it asks, setup finishes normally, but yet I then get what seems to be random boot errors like some times the /home doesn't mount, sometimes the swap doesn't enable, etc.
Anyone care to give some input? I've been around and around the installer and can't seem to find a way to do it.
View 3 Replies
ADVERTISEMENT
Aug 5, 2010
I've got some old drives using pre-LUKS loopback encryption, and I'm having problems mounting them on OpenSUSE 11.3. What I expected to work, based on past experiences with other distributions, is something along the lines of:
mount -t ext3 /dev/sdc11 tmp -o loop=/dev/loop1,encryption=AES256. When I try this I'm asked for the password, but then get the message "ioctl: LOOP_SET_STATUS: Invalid argument". Anyone have a clue what could be going wrong, or how I can best access these drives from OpenSUSE?
View 5 Replies
View Related
Apr 2, 2011
I recently installed OpenSUSE 11.4 64 bit with GNOME yesterday and everything is going fantastic. I like it much better than Ubuntu 10.10 64 bit Maverick Meerkat because it is much more stable, reliable, and dependable. I own a heavily modified ASUS N61JV-X2 notebook PC. I installed OpenSUSE using the LVM based method and LUKS encryption. When I turn on the power to my notebook PC, it asks me for my password to decrypt my Intel 2nd Generation 160.00 GB Solid State Drive. I expected this behavior. However, I never get to see the OpenSUSE login screen. After I type in my password to decrypt my SSD, it loads up the desktop immediately. How do I configure my OpenSUSE so that I can see the login screen so that I can select my standard user profile and enter the user password to login?
View 9 Replies
View Related
Aug 26, 2011
I've had everything but /boot on LVM LUKS encryption since I installed 11.4 on my netbook. Suddenly it won't accept my password and boot. Nothing had been updated since the last successful boot. The only possibly different thing that occurred was that I had plugged in my Android phone to charge before it booted up. Anyway, the specific error it gives when I enter the password (and I'm absolutely sure it's the correct password):
Code:
No key available with this passphrase.
Here is everything else on the screen:
Code:
doing fast boot
Creating device nodes with udev
[number (not sure if relevant/unique)] fb:conflicting fb hw usage inteldrmfb vs VESA VGA - removing gen
Volume group "system" not found
[Code]...
View 9 Replies
View Related
Sep 8, 2015
I'm trying to upgrade my Win8/Wheezy 64-bit machine to Jessie 8.1 by installing from the amd64-bit netinstall iso image on a USB flash drive. I had done the previous, Wheezy, install on a disk partition that was whole-partition LUKS/LVM drive, with separate logical partitions for swap, root, and home.
Before doing the upgrade, I booted to the BIOS to ensure that my UEFI system had the correct, CSM and Legacy modes enabled in it, so that installer would boot using the non-efi BIOS mode.
Step one of the upgrade was to boot the netinstall and enter the rescue mode so that I could manually do the cryptsetup/LVM business. When I returned to the installer, I mounted the now-recognized logical partitions normally, choosing to format only the swap and / partitions.
During the entire process, I had to go into rescue mode one more time to manually mount the unencrypted /boot partition, along with my /home partition. I copied a backup of my old /etc/crypttab from the latter, and after returning to the installer, finished the install. That finish included installing grub on my hard drive's main boot partition.
Everything seemed to finish with no problems. However, when I try to boot the debian bootloader, I get tossed to grub rescue with the message that '/grub/x86_64-efi/normal.mod' doesn't exist. At this point I returned to the installer, mounted the /boot partition, and saw that there grub-install didn't create that an x86_64-efi directory at all. Instead, it had created an i386 directory. The exact name escapes me at the moment.
I *think* that my install was clean other than the last bit that was related to installing the bootloader. How to reinstall the bootloader in such a way as to make all of this work.
View 2 Replies
View Related
Mar 27, 2010
I'm running Karmic Server with GRUB2 on a Dell XPS 420. Everything was running fine until I changed 2 BIOS settings in an attempt to make my Virtual Box guests run faster. I turned on SpeedStep and Virtualization, rebooted, and I was slapped in the face with a grub error 15. I can't, in my wildest dreams, imagine how these two settings could cause a problem for GRUB, but they have. To make matters worse, I've set my server up to use Luks encrypted LVMs on soft-RAID. From what I can gather, it seems my only hope is to reinstall GRUB. So, I've tried to follow the Live CD instructions outlined in the following article (adding the necessary steps to mount my RAID volumes and LVMs). [URL]
If I try mounting the root lvm as 'dev/vg-root' on /mnt and the boot partition as 'dev/md0' on /mnt/boot, when I try to run the command $sudo grub-install --root-directory=/mnt/ /dev/md0, I get an errors: grub-setup: warn: Attempting to install GRUB to a partition instead of the MBR. This is a BAD idea. grub-setup: error: Embedding is not possible, but this is required when the root device is on a RAID array or LVM volume.
Somewhere in my troubleshooting, I also tried mounting the root lvm as 'dev/mapper/vg-root'. This results in the grub-install error: $sudo grub-install --root-directory=/mnt/ /dev/md0 Invalid device 'dev/md0'
Obviously, neither case fixes the problem. I've been searching and troubleshooting for several hours this evening, and I must have my system operational by Monday morning. That means if I don't have a solution by pretty early tomorrow morning...I'm screwed. A full rebuild will by my only option.
View 4 Replies
View Related
Oct 18, 2010
I can't seem to get an encrypted partition to recognize a keyfile. It is a backup partition that I would like to keep unmounted until a cron-script runs once a week to backup my sensitive data. In order for the script to run without my assistance, I thought I'd use a keyfile to authorize the mount.
So far I've created a keyfile and have added it to the partition using "luksKeyAdd". It didn't really say it was successful, but when I do a luksdump, it shows that another key slot has been enabled, so I believe it worked. After that I created a /etc/crypttab file with the following:
Code:
backup_sdd1 /dev/sdd1 /root/backup luks
/dev/sdd1 being the backup partition, and /root/backup being the keyfile
After rebooting, I am still prompted for a password when trying to mount the encrypted partition (sdd1), and there is no device "/dev/mapper/backup_sdd1" created like I believe there should be. I haven't added any entries to fstab, as I don't want this partition to mount at boot.
View 5 Replies
View Related
Mar 12, 2011
I'm trying to install a luks enabled grub for full system encryption. What modules are required by grub to load a normal ubuntu linux system and what is the type to use?
View 2 Replies
View Related
Sep 24, 2015
Root LUKS to be broken by apt-get update? This did happen to me on 3 different laptops, both on previous install (from Debian 8.0), and also on clean installs (Debian 8.1), repeatedly.
When I reboot, grub starts, but then it cannot find the root file system (I end up with the emergency console).
Code: Select allLoading Linux 3.16.0-4-amd64 ...
Loading initial ramdisk ...
Loading, please wait...
[many seconds waiting]
ALERT! /dev/mapper/sda2_crypt does not exists.
modprobe: modprobe ehci-orion not found in modules.dep
This is the most simple, clean, conservative install ever, no closed driver.
But LUKS on the root file system:
Code: Select allone ext4 partition on /boot
one ext4 partition on / (trough LUKS, all defaults)
There is no LVM.
All the 3 laptops killed at different time, when updating. Clean install is fine until the first update.
Booting on the rescue system allows me to see everything.
Code: Select all$ update-grub
Generating grub configuration file ...
Found background image: /usr/share/images/desktop-base/desktop-grub.png
Found linux image: /boot/vmlinuz-3.16.0-4-amd64
Found initrd image: /boot/initrd.img-3.16.0-4-amd64
No volume groups found
How can I recover from this?
View 5 Replies
View Related
Oct 21, 2015
I would like to configure my Debian Jessie system in this way.
Two partitions:
1) /boot on /dev/sda1
2) everything else on /dev/sda2
I want to encrypt the second partition with LUKS. And then install over it a LVM volume. Inside the LVM volume i will create the / (root), /var, /opt and /home virtual partitions. In this way, i'll get asked only once for the password to decrypt all partitions. Because if i don't use LVM, then i'll get asked for the password for each encrypted partition.
I can follow and understand almost everything of this HOW-TO for Archlinux: [URL] ....
Only two passages are unclear to me:
1) Configuring mkinitcpio
I don't understand what i should do here in order to complete this. What should i do in Debian to configure "mkinitcpio"? what is the equivalent thing to do here?
I thought that the kernel would automatically recompile itself with all installed modules on the Debian system, once cryptosetup/LUKS or LVM2 get installed.
2) Configuring the boot loader
I don't understand what should i write in /etc/default/grub. Will GRUB automatically load the LUKS and LVM2 modules? Also, I don't think that i could boot the system in this way:
cryptdevice=/dev/sda2:LVM root=/dev/mapper/LVM-????
Actually the "root=" volume is the whole volume to mount as LVM. It isn't the final root partition.
View 5 Replies
View Related
May 1, 2010
I've just upgraded from 9.10 on a system that has an encrypted root partition encrypted using the following guide:
[URL]
On boot, prior to the LUKS password prompt, I see the error:
Code:
cannot open file /etc/console-setup/boottime.kmap.gz
The consequence is that the keyboard does not respond, the password cannot be entered, and the root partition cannot be unlocked.
This behavior occurs on all 2.6.32.x kernels but falling back to my previous kernel, 2.6.31.9-rt works just fine.
This is on a production system and is not running in a virtual machine, so the issue is not:
[URL]
I have tried running sudo dpkg-reconfigure console-setup, which does regenerate the initram-fs for the desire kernel, but it does not solve the problem.
The guide's initram hook includes the lines:
Code:
mkdir -p ${DESTDIR}/etc/console-setup
cp /etc/console-setup/boottime.kmap.gz ${DESTDIR}/etc/console
... but my understanding of the initram stages of the boot process are hazy and I am unclear what the intent is behind the lines.
View 8 Replies
View Related
May 15, 2010
Since i'm on-the-road a lot encryption is crucial, with windows i've always used TrueCrypt and DiskCryptor, this is very easy to setup and allows me to create usb/cd devices that i can boot off and contain a keyfile, on boot it also requires a passphrase. Currently all i need to do is boot from harddisk and enter my passphrase. I would like to be able to boot from external device (in this case USB) that contains the bootloader and an integrated keyfile, also it should requist the passphrase. I found a guide on how to achieve two-factor authentication with dm-crypt on feisty but it's quite an old guide and is realy realy complicated for a newbie
View 1 Replies
View Related
Sep 2, 2010
I installed on LUKS+LVM, and I want to preserve my /home without moving the data to any external media (I don't have any). My partition layout is as follows:
sda1: /boot
sda2: encrypted volume (sda2_crypt)
sda2_crypt: LVM volume group, with /, swap and /home.
Having many previous (sad) experiences with completely borked experiments and data loss, I've decided to try the trick in VirtualBox first. I've installed Debian (testing, netinst, Dec 2009) with encrypted LVM, and touch'd a file in my $HOME so that I'd know if the contents were preserved. Then proceeded to install Ubuntu 10.04.1 from the alternative CD. After the installer started and loaded some of the basic components (but before it entered the partitioner) I've switched to a shell and read a scroll of identification:
Code:
$ cryptsetup luksOpen /dev/sda2 sda2_crypt
[entered the passphrase]
$ lvm vgscan
$ lvm lvscan
* Another concern; after the installation, I've noticed that the contents of my $HOME were overwritten by Ubuntu's default skeleton (pictures, desktop, music, templates, and other crap). The control file I've touch'd after installing Debian wasn't there.
View 1 Replies
View Related
Aug 10, 2010
It seems I've run into a bit of a problem. I recently upgraded to the latest kernel 2.6.32-24-generic (x86) but when I reboot into the new kernel and type in my password the system hangs, same when using a keyfile on the root file system.to give an outline of how the disks are setup.3 hard drives
sda1 / = unencrypted
sdb1 /home = encrypted w/ luks
sdc1 /backup = encrypted w/ luks
When i boot to the original kernel 2.6.32-21 I'm able to successfully get into the system.
View 1 Replies
View Related
May 26, 2011
I have a setup that looks like this
[Code]....
and I'm dumped into recovery mode. However, if I remove these mounts from /etc/fstab via comments, I can wait for the system to boot (which it does very quickly) then mount the mapper devices myself. So what is going on? Has something changed wrt logical volumes, or is this just systemd? I can live with manual mounting, but any advice on resolving the automatic mounting situation would be great.
[Code]....
View 2 Replies
View Related
Jun 14, 2010
i have found this xor encryption program
Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_SIZE 256
[code]....
Its working fine, it can encrypt and decrypt. but how strong is it ? is it all depending on the specified key ?
View 5 Replies
View Related
Feb 21, 2010
Question: The USA forbids the export of secure cryptography. NSAKEY has already been discovered in the Windows cryptograhic API. Since the Linux-Kernel is hosted in the USA, how secure is its cryptography ?
View 1 Replies
View Related
Jan 16, 2011
I'm using 3g modem(broadband) for connect to the internet. how can I check signal strength in ubuntu 10.04.
View 2 Replies
View Related
Mar 16, 2011
Password strength in Linux can be ensured by setting parameters in /etc/pam.d/common-password file. But these policies apply only for non-root users, when they set password for themselves.s there any way to ensure strength of passwords assigned by root?Example: Normally root can assign passwords like "hello" "password" etc. Is there a way to ensure that passwords assigned by root must contain a special character and a digit as mandatory?
View 1 Replies
View Related
Aug 31, 2010
I'm using 9.04 on a laptop .when i was useing windows I got strong full bars for the wifi signal strength. On the same laptop in the same location, I get only 2 bars (low) wifi signal strength when I'm in Ubuntu 9.04 I'm using the wifi transceiver built into my hp Anyone heard of this problem?
View 5 Replies
View Related
Sep 22, 2010
I am looking for a tool that can monitor my 3g signal.
View 6 Replies
View Related
Nov 12, 2010
I managed to connect to the internet using wvdial, however I am getting hardly exciting download speeds around 50 kB/s. I was really hoping to get somewhere around 150 - 300 kB/s. Hence my question: how can I "debug" the connection in Linux, i.e. what is the signal strength and if it managed to connect using 3G or only GSM.
I am using Huawei e272 usb modem (branded Vodafone, I am connecting to Virgin though). My wvdial.conf file:
Code:
[Dialer Defaults]
Phone = *99***1#
Username = user
Password = " "
Stupid Mode = 1
[Code]....
View 2 Replies
View Related
Jun 8, 2010
I was wondering whether increasing the strength of a key by increasing the number of bits in the key to 2048 makes any sense if I want to leave the passphrase blank anyway? I'm setting up passwordless ssh logins on my LAN as I'm a bit tired of constantly being asked for a password.
View 7 Replies
View Related
Feb 6, 2011
I have a WUSB54GC v.1 wireless USB adapter which I use to connect to my home network. For some reason, over time my reception has been getting worse. I'm not sure if this is due to the router or the adapter. In addition, when the signal strength dips below 50%, I can no longer receive email or browse the web. This is only a problem with Ubuntu - when I had WinXP installed, I could access the internet mostly regardless of the signal strength.
I started a year ago with the adapter plugged directly into the computer. After a while I found it necessary to use an extension cord to place the adapter outside my room, closer to the router. A while later it was time for another extension cord, and now my reception has gotten worse again, but I can't extend it any further.
View 3 Replies
View Related
Apr 25, 2011
I see the Wifi Signal Strength icon on the top bar, but where's the label that shows the signal strength percentage? Is there a way to re-enable the label or did Canonical deemed it to be unnecessary?
View 3 Replies
View Related
Mar 3, 2010
I've got a Linksys WMP54G Pci card of some kind that's being reported as a Ralink rt2500 pci, but it is very slow (50k/s cap) and has jumpy signal strength (goes between 70% and 10% every second or so, while the router is in the same room). It is just this pc, as I'm using my laptop fine right now with no such condition. I am running basically a fresh version of Slackware 12.2, so it's kernel version 2.6.27.7. I have used this with Slackware 13 and there was absolutely no issue, so I think it may be a wrong or outdated driver, but building kernel modules and updating whatever module it should be is not something that I'm very good at.
View 3 Replies
View Related
Jun 30, 2010
So im pleased that my mobile broadband connection works but unfortunately the gnome/ubuntu way of displaying the connection strength is poor to say the least. Shown in this screenshot is my connection, 4 out of 4 bars.
BUT, does this mean i have a decent signal but only gprs? How do i tell if i have connected with 3G hspda gprs etc....?
View 1 Replies
View Related
Aug 8, 2010
have a dell Inspiron 1501 with ubuntu 10.0.4 I want to rename my wireless card from eth1 to wlan0 as I use conkyrc and it will not read my wireless strength or my ssid cuz it thinks it's a ethernet card and not wireless card. I know this for a fact because peppermint os my wireless card was wlan0 and it worked just fine.
View 1 Replies
View Related
Mar 20, 2011
right now, my machine runs ubuntu 10.10 due to work issue, i need to use windows server 2008 R2 (its a windows exclusive company) but i never used any of the active directory or anything from the windows server (only experience with windows is visual studio and those GAMES!), so i figure i need to practice a bit on my own b4 starting the job and just at the same time I found out as a univ student i get it for free! And plus, I am finding opensuse a better option for me than ubuntu So im wondering what i should do regarding these 2 systems here s some option
1). Install openSuse 11.4, and install VirtualBox and use windows server 2008 R2 on vbox
2). Install windows server 2008 R2 and then install openSuse alongside with it
3). Install windows server 2008 R2 and install openSuse in virtualBox
I have been using linux as my primary OS for more than a year now and I rlly need it for both school and my own entertainment. So wondering which option would best work out for me
wat are your opinions? PS: my machine is about 2 years ago a Dell laptop, with core 2 duo p8700 (2.53ghz) 4GB ram, and nvidia gfx, which even tho is still fast, but isnt rlly that snappy when it comes to virtualization even running xp in a virtual machine is quite laggy at times :S
View 7 Replies
View Related
Jan 26, 2010
This system has AMD Turion with ATI HD 3200 Graphics system. Installation program correctly initializes graphics - all installation completes with automatic configuration - gives no option for sax2 to run. Then Suse does not comes up or the x does not comes up or display is not showing anything. I can switch to Vista and Vista boots works from grub menu. How can I test and configure graphics and monitor before installer boots the system?
View 1 Replies
View Related
