linux.gentoo.user

--nextPart1448463.Fl2nq2pxZO
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Am Sonntag, 30. M=C3=A4rz 2008 schrieb Florian Philipp:

> On Sun, 2008-03-30 at 09:50 +0200, Dirk Heinrichs wrote:
> > Am Samstag, 29. M=C3=A4rz 2008 schrieb Florian Philipp:
> > > My goal is to open a Luks-mapping for /var with a gpg-encrypted file
> > > on /boot and then open a mapping for /var/tmp with a plaintext file
> > > on /var.
> >
> > See below. But while we're at it, can anybody tell me what's the
> > advantage of a gpg-encrypted keyfile over a keyfile generated from
> > /dev/urandom?
>
> Keys for urandom work great for /tmp and swap but how should I use this
> for a partition which is supposed to keep its content between reboots?

See my example below.

> > Which warning, btw.? Works just fine here.
>
> "# Note when using gpg keys and /usr on a separate partition, you will
> # have to copy /usr/bin/gpg to /bin/gpg so that it will work properly
> # and ensure that gpg has been compiled statically.
> # See http://bugs.gentoo.org/90482 for more information."

Ah, I see. Since I don't use gpg it doesn't matter to me.

> > target=3D'c-usr'
> > source=3D'/dev/evms/usr'
> > key=3D'/etc/crypt/keyfile'

Bye...

Dirk

--nextPart1448463.Fl2nq2pxZO
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iD8DBQBH73h/8NVtnsLkZ7sRAtvUAJ4v2ZEyfBNDaKHKksF6BZPf0TK6MQCfS1qf
MN+qKK0iNKICFqxCPnxKeoE=
=GeLi
-----END PGP SIGNATURE-----

--nextPart1448463.Fl2nq2pxZO--
--
gentoo-user@lists.gentoo.org mailing list