Friday, November 26, 2010

Encrypted rootfs on MeeGo 1.1 netbook

I promised my scripts for encrypting the rootfs on my Lenovo Ideapad running MeeGo 1.1. They're currently just a dirty hack, but I thought it would be nice to share them with you.

My scripts use cryptoloop. Unfortunately the MeeGo 1.1 netbook stock kernel didn't support dm_crypt, so that was a no go. Of course I could compile the module myself, but I wanted an out-of-the-box solution.

The basic idea is to create a custom initrd and use it. My solution needs a Live USB stick to boot and do the magic. Another USB drive is also needed to keep the current root filesystem safe while encrypting the partition. I don't know if it's possible to encrypt "in place", meaning using two loopback devices. However, this is the safe solution.

For the busy ones, just boot the MeeGo 1.1 Live USB and grab these files:
http://kaaos.huutonauru.net/meego/netbook_rootfs_crypt/crypt_hd.sh
http://kaaos.huutonauru.net/meego/netbook_rootfs_crypt/mkcryptrd.sh

Then:
chmod a+x crypt_hd.sh mkcryptrd.sh
su
./crypt_hd.sh

And follow the instructions.

Those who have more time and want to double check everything, please follow the instructions at: http://kaaos.huutonauru.net/meego/netbook_rootfs_crypt/README

This solution has at least one drawback. Once the kernel updates, you have to recreate the initrd. For that purpose I created a tiny script that can be run after a kernel update:
http://kaaos.huutonauru.net/meego/netbook_rootfs_crypt/update_initrd.sh

That script also needs the mkcryptrd.sh script above.

Of course that may break your system at any time, so be warned.

For my Lenovo Ideapad S10-3t and MeeGo 1.1 netbook it worked fine. My test case was to first make a completely fresh installation from the Live/installation USB, then boot again and set up the cryptoloop from the Live USB. After that I could easily boot my encrypted MeeGo 1.1. It asks for the password at a very early phase of the boot process. After it's entered correctly, the MeeGo 1.1 system should boot up normally.

This worked for me, and I give no guarantee that this works for you. However you're welcome to send patches and improvements.

UPDATE 29.11.2010:
Some people have reported problems when they have a different kernel version than the one on the Live USB. They're unable to boot back to their system. I'll try to figure out a solution for this issue.
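
A pre-flight check for the kernel mismatch described in the update above, as an added example that is not part of the original scripts: it compares the Live USB's running kernel with the kernels installed on the mounted target root. The function names and the target root argument are hypothetical, and using /lib/modules as the list of installed kernels is an assumption.

```shell
#!/bin/sh
# Added example (not from crypt_hd.sh / mkcryptrd.sh): detect a kernel version
# mismatch between the booted Live USB and the installed system before an
# initrd is built for it.
# Usage: check_kernel_match <mounted-target-root> [running-kernel-version]

# Print one kernel version per line for every module tree under
# <root>/lib/modules (assumption: one directory per installed kernel).
installed_kernels() {
    for d in "$1"/lib/modules/*/; do
        if [ -d "$d" ]; then
            basename "$d"
        fi
    done
    return 0
}

# Exit status: 0 = running kernel is also installed on the target,
#              1 = mismatch, 2 = no kernels found on the target.
check_kernel_match() {
    root=$1
    running=${2:-$(uname -r)}
    kernels=$(installed_kernels "$root")
    if [ -z "$kernels" ]; then
        echo "no kernels found under $root/lib/modules" >&2
        return 2
    fi
    for k in $kernels; do
        if [ "$k" = "$running" ]; then
            echo "OK: live kernel $running is also installed on $root"
            return 0
        fi
    done
    # Stop here instead of producing an initrd the installed kernel may not boot with.
    echo "MISMATCH: live kernel is $running, target has: $(echo $kernels)" >&2
    return 1
}
```

Source the file and call check_kernel_match with the directory where the installed root filesystem is mounted; a non-zero status means the initrd should not be built from this Live USB session as-is.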

2 comments:

kouk said...

Thanks a lot for these scripts. They've helped me get out of a tight spot, where I added another device to the btrfs root and then meego wouldn't boot. Modified your scripts a bit to run btrfsctl -a instead of losetup and I was back on my way.

Lenovo IdeaPad S9 said...

It’s really an interesting fact which I just got to know via this blog. Making this blog and keeping it updated is the best possible thing which customer always ask for. So I would like to thank for this interesting knowledge given by the moderator!
http://www.electrocomputerwarehouse.com