Hi, I have a little server at home which has an encrypted disk mounted at 
/home/media/1tbdisk 

I added it to crypttab and the decrypted dm device to fstab, but i have the 
following problems:


1) the keymap upon luksOpen is qwerty, even though i have my keymap set in 
rc.conf and added 'keymap' to hooks in rc.conf
I ran `mkinitcpio -p kernel26` in the shell that the init(script) gave me when 
it tried to mount /dev/mapper/decrypted (after i mounted -o remount,ro /).  Do 
i really have to run mkinitcpio again from the real system and reboot? (i can 
do it, but would like to know what might have gone wrong here)

2) even when i'm sure i'm typing correct pass (in qwerty) it doesn't unlock. i 
added dm_crypt to modules in rc.conf but
no change. it asks the pass 3 times and then fstab tries to mount the 
nonexisting device and i get the shell

If i comment out the entries in crypttab and fstab and unlock+mount myself 
after boot, it works fine.


3) even if for some reason one fails to unlock the volume, it would be
nice that the boot process can continue. maybe there could also be a
timeout: not unlocked within 60s, continue boot process.  is this possible to 
do or would it make things too complicated?

4) suppose one can fix the stuff in the shell that you get from the fstab hook, 
is it possible to
just resume boot instead of rebooting?

5) any other thoughts about this kind of setup?  I know it's possible if you 
have IPMI to do serial over lan and type your password from anywhere around the 
globe during bootup.  but i don't have ipmi, so if no-one can unlock the volume 
in x seconds, it can continue booting.

Dieter

Reply via email to