C sesame-setup implementation
David Zeuthen
david at fubar.dk
Tue Jan 4 08:58:51 PST 2005
On Sat, 2005-01-01 at 18:01 -0600, W. Michael Petullo wrote:
> I hope to make this stuff initrd-friendly once I have the basics working.
>
Sounds good.
> > This only works for me if I put /sbin in my $PATH - on FC3, that binary
> > is in /sbin. Any idea what to do here? I think we always want to assume
> > that cryptsetup is in /sbin so sesame-setup works without /usr mounted,
> > right?
>
> This is probably a safe assumption.
Cool.
> > Btw, is there any good reason for relying on cryptsetup rather than just
> > dmsetup? Either way is in principle fine with me.
>
> Cryptsetup can perform hashing of passphrases. Also, cryptsetup is now
> statically linked on Fedora for the purpose of its use in initrds.
> Using cryptsetup is consistent with other developments (encrypted swap
> and encrypted root filesystem) in progress. Other than that, I am not
> really attached to either.
>
Ok, we can always change that to use dmsetup later.
> Attached you should find another patch vs. CVS. This patch implements
> the other side of the coin -- it formats a device in a sesame-compliant
> way. It's not done, but I wanted to submit it for comments. Right now it
> does everything except write the sesame header to the device. This must
> still be done by hand.
>
Oh, ok, I had kind of envisioned that we didn't really need any specific
format program, only programs to encrypt/decrypt existing block devices
but it seems this might be a good idea anyway cf. that Sjoerd and co.
want to make the encrypted file system start after the metadata; does
sesame-setup support that option yet?
> Here is an example of using sesame-format and sesame-setup:
>
> 1. Execute sesame-format. This will block, waiting for a password on stdin:
> ./sesame-format -v /dev/sdb4
>
Should check that /dev/sdb4 is already mounted?
> 2. Place the information printed by sesame-format into a sesame header:
> uuid is <UUID>
> encrypted key is <EKEY>
>
> The header should look like this:
> # SESAME_MAGIC
> version = '0'
> uuid = '<UUID>'
> block_key_cipher = 'aes'
> block_key_sha1 = 'FIXME'
> enc_key_cipher = 'aes'
> enc_key = '<EKEY>'
>
> 3. Remove the dm-crypt device created in step 1.
> cryptsetup remove sesame_crypto_<UUID>
>
OK, sesame-format should use private names such as
sesame_format_temp_<UUID> such that hald won't pick up the device while
we're operating on it.
> 4. Install the sesame header:
> dd if=../../cryptheader bs=1c count=512 of=/dev/sdb4
>
4b. Tell hald to rescan the device; right now we can do this 'blockdev
--rereadpt /dev/sdb' but in the future you will be able to just invoke a
method on hald to do this (so we don't have the hack of going
from /dev/sdb4 to /dev/sdb).
I assume steps 1-4b will all be covered by sesame-format?
> 5. Execute sesame-setup, entering the password from step 1.
> ./sesame-setup -v /dev/sdb4
>
> 6. Mount the dm-crypt device.
> mount /dev/mapper/sesame_crypto_<UUID> ...
>
This will happen automatically because of 4b. (once we get all that
integrated) - just as if the block device had been inserted. So, I
think this looks pretty good; do you want me to comment on the patch or
do you have a newer version already (my reply was a bit delayed, sorry).
Cheers,
David
_______________________________________________
hal mailing list
hal at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/hal