OESF | ELSI | pdaXrom | OpenZaurus | Zaurus Themes | Community Links | Ibiblio

IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Encryped Filesystem Image, Can we do this on Z?
chaosjtu
post Sep 16 2006, 07:06 AM
Post #1





Group: Members
Posts: 8
Joined: 15-July 06
Member No.: 10,412



To mount a encryped loopback filesystem image to store sensitive data, can we do it on Z?
Go to the top of the page
 
+Quote Post
bam
post Sep 16 2006, 02:09 PM
Post #2





Group: Members
Posts: 1,213
Joined: 9-June 05
From: Gobi Desert, Mongolia
Member No.: 7,306



losetup is compilable, but......currently I cannot get CryptoAPI to compile as amodules to support encryption, however you could ask Tetsu to compile his kernel with CryptoAPI support enabled, that way I believe you could use it, I couldnt compile the kernel onboard the z.
Go to the top of the page
 
+Quote Post
miskinis
post Sep 16 2006, 05:33 PM
Post #3





Group: Members
Posts: 333
Joined: 8-January 05
From: North East, USA Today
Member No.: 6,159



QUOTE(bam @ Sep 16 2006, 06:09 PM)
... I couldnt compile the kernel onboard the z. ...
*


Hmm, I have never compiled the kernel for the Z even on another LINUX machine.
Due to the fact I recently found that the pdaXrom beta1 kernel for 5500, has the
"right-arrow-repeat-suspend" issue, *and* the fact that I would like to keep my
data secure on all my Zs, I would be willing to help out diagnosing the kernel
build issues, off or on the Z.

This is LINUX, and anything should be possible, right?
Go to the top of the page
 
+Quote Post
bam
post Sep 16 2006, 06:07 PM
Post #4





Group: Members
Posts: 1,213
Joined: 9-June 05
From: Gobi Desert, Mongolia
Member No.: 7,306



I suppose....

I did peek around, it mentioned that gcc 2-95.3 is required for compiling, sadly I dont have it, so any ideas? I too have never compiled a kernel for the z although I did do it a few times for my linux box.
Go to the top of the page
 
+Quote Post
miskinis
post Sep 16 2006, 10:54 PM
Post #5





Group: Members
Posts: 333
Joined: 8-January 05
From: North East, USA Today
Member No.: 6,159



QUOTE(bam @ Sep 16 2006, 10:07 PM)
I suppose....

I did peek around, it mentioned that gcc 2-95.3 is required for compiling, sadly I dont have it, so any ideas? I too have never compiled a kernel for the z although I did do it a few times for my linux box.
*


It's not uncommon (and somewhat sad) for a particular software entity to require an
older version of GCC. I remember a while back when we were discussing a
native "Space Trader" for the Z, I followed some Qt development setup guide
(which also had some issues), but I was able to get gcc295-2.95.3-0 and
gcc-cross-sa1100-2.95.2-0 setup on my Redhat 9 machine, piecefully coexisting with gcc-3.2.2-5. All-in-all it was not too difficult to get a simple Qt app built, and then
running on the 5500's stock ROM.

I have compiled many a kernel for a few different machines, but only 2.0.36-2.4.* and
always for a PC of some type, so I've got experience in that realm, and will be trying to
learn more about the Z's specifics shortly, starting with the 5500.

Now, for clarification, if we get a kernel to compile for the Z, on the Z, would that
be really helpful? I assume that kernel-level modules are required to support an
encrypted filesystem, are they readily available with full kernel source code for the Z?
Go to the top of the page
 
+Quote Post
Da_Blitz
post Sep 17 2006, 12:06 AM
Post #6





Group: Members
Posts: 1,565
Joined: 7-April 05
From: Sydney, Australia
Member No.: 6,806



as far as i know its only 2.4 kernels that need gcc 2.xx, i have compiled a 2.6 kernel using gcc 4 and it worked alright

anyway i have done the entire crypto disk setup at home. and while losetup is nice i would greatly recomend dm mapper with crypto support, i am not sure what its status is with 2.4 but with 2.6 and the luks key setup it works a treat.

also if you are going to do it properly you might as well have / on lvm2, you already need an initrd to ask for the password so it would not be that much harder to identify and mount /

my home setup consists of:
CODE
disc <-> crypto <-\                    /---> /
                 [RAID 0]----> LVM <---|---> /home
disc <-> crypto <-/                    \---> /usr/local


so i need 2 passwords. i had a problem with setting up the keyboard at first (as i use a usb keyboard) and so had to fiddle with the modules. the best way to do it would be to use a file as the passphrase that is encrypted with gpg, so you need the device that holds the key and a password to boot the thing

it seems complicated but i found that the longest part for me was filling up my 2 drives (200G each) with random data, it took almost a day to do sad.gif the rest such as setup and building the initrd took me about 20mins to do on a gentoo machine installing from stage 3.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 28th December 2014 - 02:15 AM