Hi, im just new here, so hi!.
I discover Salix a few months ago and I love it. Simple, easy, powerfull. Just what slack was a few years ago ...
I was a slack user way back, i went debian because apt (yeah, im lazy ), but i love to try any distro i could find, so recently i was looking for a light distro for my "netbook" (a six years 700m 13in celeron), so i choose salix. This is my issue, im kind a paranoid freak that dont want my cooking recipies fall in the wrong hands, so i dont use a distro without encryption. Salix has no encrypt install (the easy way...) but the slack way isn't that hard, at least for a non so newb linux user like me me. But, and this is the Salix little issue, the slack way cant work out of the box, i mean this way:
http://slackware.osuosl.org/slackware-c ... _CRYPT.TXT
(yeah, the readme_crypt.txt)
Because the howto says you must use a GENERIC kernel, and Salix only brings the HUGE kernel, that cant work (at least i cant make it work)...
So i make a few tries in a VM and i found an easy solution, just copy an entire /boot from a fresh Slackware 13 install over the Salix /boot, right before the
# mkinitrd -c -k 2.6.33.4-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
step. I choose not to overwrite the Salix boot files, anyway, this just add the slackware GENERIC kernel to Salix (after all, Salix is 100% compatible).
Ok, this work just fine in the VM test and also in my laptop, so i had a full root encrypted Salix working fine (and im so happy I had to share it)
Im just a linux fan, not an advance user at all, so this was just trial and error, and i cant say it might work in the long run, but better users may improbe this.
Ah!!! The suggestion (its the forums point, after all ), I just think this could be much easier if the GENERIC kernel were included in the default Salix install, so the readme_crypt.txt might work just as writen.
I hope this can be useful!!!
Thx for this great distro!!!
PD: Sorry for the ugly english, I usually speaks (i mean write) spanish!
Making root encryption easier.
Re: Making root encryption easier.
Hi ricotero and welcome.
You know, you can install the generic kernel package in salix anyway, even if it's not installed by default.
Also, although I have never encrypted any of my partitions, the way I read it in the guide you linked to:
You know, you can install the generic kernel package in salix anyway, even if it's not installed by default.
Also, although I have never encrypted any of my partitions, the way I read it in the guide you linked to:
is that lilo will just complain with the huge kernel. But it will work. It won't work only on very old systems, but it should work on most fairly modern ones, at least anything from a P2 and newer I think. At least I think it will. Have you tried it?We also need to change the kernel file to a generic kernel, because lilo is unable to combine the 'huge' kernels in Slackware 13.1 with an initrd image - it will complain about "The initial RAM disk is too big to fit between the kernel and the 15M-16M memory hole" if you try with a 'huge' kernel.
Re: Making root encryption easier.
Hi gapan!
Actually i tried when i was "learning" to do it with the VM (Virtualbox) and it didnt work, then i tried in the laptop (its not so old, has 1.5 gb ram and 1.6 celeron from p3 series), didnt work either. So i just asume the slackware guide was correct, a kernel missing, and this is the "easiest" solution i could come out . Of course it has to be better and more elegant solutions... I just have to keep learning...
I imagine that once the system is installed you could use slapt-get to download the generic kernel, but i want to encrypt the root at the install, so i search the salix disk and i couldn't find it, my bad. Then i made a fresh Slackware just to see if the howto really work, and then i found the difference beetwen Slack /boot and Salix. Of course I understand that Salix has the simplicity and minimal weight as main target, that's why anything more than necesary is stripped away (and that's why i like it in the first place).
As i said in the original post, any improve/help is welcome, i still have a lot to learn! (and that's why i choose a hands on distro, most distros today take all the fun from users!!!!), i still dont dare to look the gentoo way, but some day...
Thx for the imput!
Actually i tried when i was "learning" to do it with the VM (Virtualbox) and it didnt work, then i tried in the laptop (its not so old, has 1.5 gb ram and 1.6 celeron from p3 series), didnt work either. So i just asume the slackware guide was correct, a kernel missing, and this is the "easiest" solution i could come out . Of course it has to be better and more elegant solutions... I just have to keep learning...
I imagine that once the system is installed you could use slapt-get to download the generic kernel, but i want to encrypt the root at the install, so i search the salix disk and i couldn't find it, my bad. Then i made a fresh Slackware just to see if the howto really work, and then i found the difference beetwen Slack /boot and Salix. Of course I understand that Salix has the simplicity and minimal weight as main target, that's why anything more than necesary is stripped away (and that's why i like it in the first place).
As i said in the original post, any improve/help is welcome, i still have a lot to learn! (and that's why i choose a hands on distro, most distros today take all the fun from users!!!!), i still dont dare to look the gentoo way, but some day...
Thx for the imput!
Re: Making root encryption easier.
I'm using salix64-fluxbox-13.37.iso and the README_CRYPT.TXT instructions worked like a charm, even with the "HUGE" kernel.
I jumped right to the "Combining LUKS and LVM" section.
One thing that was odd was that I had to doinstead ofmkinitrd kept complaining that 2.6.37.6-smp could not be found.
My uname before and after the install showsAlso, I don't think the -m switch is necessary because the ext3 driver is built into the kernel.
Anyway, I'm really enjoying my fully-encrypted Salix now
Cheers!!!
na5m
I jumped right to the "Combining LUKS and LVM" section.
One thing that was odd was that I had to do
Code: Select all
# mkinitrd -c -k 2.6.37.6 -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
Code: Select all
# mkinitrd -c -k 2.6.37.6-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
My uname before and after the install shows
Code: Select all
Linux darkstar 2.6.37.6 #3 SMP .....x86_64.........
Anyway, I'm really enjoying my fully-encrypted Salix now
Cheers!!!
na5m
Salix 64-bit (Fluxbox 13.37) | Kernel 2.6.37.6 #3 | nVidia 275.09.07
I've over-clocked my cuckoo clock.
I've over-clocked my cuckoo clock.
Re: Making root encryption easier.
That's because there is no non-SMP x86_64 kernel, so the -smp suffix is not necessary.na5m wrote:One thing that was odd was that I had to doinstead ofCode: Select all
# mkinitrd -c -k 2.6.37.6 -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
mkinitrd kept complaining that 2.6.37.6-smp could not be found.Code: Select all
# mkinitrd -c -k 2.6.37.6-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
That's true for the huge kernel.na5m wrote:My uname before and after the install showsAlso, I don't think the -m switch is necessary because the ext3 driver is built into the kernel.Code: Select all
Linux darkstar 2.6.37.6 #3 SMP .....x86_64.........
Re: Making root encryption easier.
Just as hint to make an encrypted install should the generic kernel be needed. You're encrypted partitions where Salix installed to should be mounted on /mnt.
So just run this:
So just run this:
Code: Select all
chroot /mnt
mount -t proc none /proc
mount -t sysfs none /sys
/etc/rc.d/rc.inet1 start # optionally just dhcpcd eth0 can be enough too, to bring up your networking in the chroot environment
slapt-get -u
slapt-get -i kernel-generic[-smp]
umount /proc /sys
exit
Re: Making root encryption easier.
Thanks for the info, thenktor.thenktor wrote:That's because there is no non-SMP x86_64 kernel, so the -smp suffix is not necessary.
Maybe they should stop making non-64 bit kernels altogether.
Do they even make 32 bit CPU's anymore?
Salix 64-bit (Fluxbox 13.37) | Kernel 2.6.37.6 #3 | nVidia 275.09.07
I've over-clocked my cuckoo clock.
I've over-clocked my cuckoo clock.
Re: Making root encryption easier.
Yes, they do e.g. AMD Geode.na5m wrote:Do they even make 32 bit CPU's anymore?