lubuntu-qa team mailing list archive

Thread
Date

Re: encrypted home does not work alone

To: Walter Lapchynski <wxl@xxxxxxxxxx>
From: Nio Wiklund <nio.wiklund@xxxxxxxxx>
Date: Thu, 12 Mar 2015 18:29:18 +0100
Cc: "lubuntu-qa@xxxxxxxxxxxxxxxxxxx" <lubuntu-qa@xxxxxxxxxxxxxxxxxxx>, John Hupp <lubuntu@xxxxxxxxxxxxxx>
In-reply-to: <CAFe_ewhUeCshGDKHvVsY-r1khzpEGp3MKr373OnqSdFy3H3c8w@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.5.0

I did one hour ago :-)

Den 2015-03-12 18:20, Walter Lapchynski skrev:
> So the bug you mentioned is a dupe that says fix released. Might want
> to comment on the official bug if you wish to disagree.
> 
> On Thu, Mar 5, 2015 at 1:16 AM, Nio Wiklund <nio.wiklund@xxxxxxxxx> wrote:
>> Den 2015-03-04 20:38, Nio Wiklund skrev:
>>> Hi everybody,
>>>
>>> Continuing testing I found that cryptswap does not work even when it is
>>> run alone in a 'use the whole disk' installation. This is a bad bug.
>>>
>>> It seems to be an old bug:
>>>
>>> https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
>>>
>>> I found what I think is this bug in a system installed from the Lubuntu
>>> Vivid alternate 32-bit daily iso file.
>>>
>>> vivid-alternate-i386.iso
>>>
>>> cryptswap is there when I reboot from the installer, but the second time
>>> I reboot it is gone.
>>> _____
>>>
>>> /etc/crypttab:
>>> cryptswap1 UUID=b66610ce-376c-42cf-8d02-8983f2a40d70 /dev/urandom
>>> swap,cipher=aes-cbc-essiv:sha256
>>>
>>> blkid:
>>> /dev/sda1: UUID="63725e48-ebeb-4c33-a023-d34191a6b2bd" TYPE="ext4"
>>> PARTUUID="ef7fb1de-01"
>>> /dev/sda5: PARTUUID="ef7fb1de-05"
>>>
>>> modified /etc/crypttab:
>>> # <target name>    <source device>        <key file>    <options>
>>> cryptswap1 /dev/sda5 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
>>> _____
>>>
>>> Hint to the developers: It works with the modified crypttab
>>>
>>> So it seems that the device information is wrong in /etc/crypttab. Maybe
>>> it would be better to have to PARTUUID than the device /dev/sda5.
>>>
>>> Best regards
>>> Nio
>>>
>>
>> Hi again,
>>
>> John Hupp helped me find more information about the cryptswap bug. See
>> comment #37 of the bug report
>>
>> https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
>>
>> I can confirm that it works as a work-around, and there should be enough
>> information in the bug report
>>
>> https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1310058/
>>
>> to squash that bug.
>>
>> We are also getting help from ventrical at the Ubuntu Forums to test
>> various encrypted systems. See the following link
>>
>> http://ubuntuforums.org/showthread.php?t=2266912
>>
>> I try to sum it up in post #35 of the Ubuntu Forums thread.
>>
>> -o-
>>
>> We should not be surprised that 'Encrypted home' is no longer part of
>> any [other] Ubuntu flavour test-case. It does not work :-(
>>
>> There are certainly user cases, where it would be useful, but 'Encrypted
>> home' has been buggy since March 2012 when Alan Pope reported bug
>> #953875. I think it is a bad idea to make a separate test-case for it now.
>>
>> So let us go ahead with the alternate test-cases, modified only at these
>> places:
>> -----
>> 'No' for encrypted home directory # Changed from 'Yes'. This is the most
>> important modification.
>>
>> 'Yes' unmount mounted partitions in the target drive # Additional item
>> which is important.
>>
>> 'No' to install grub boot loader to master boot record. Instead select
>> the target drive for the bootloader manually. # Changed from 'Yes'. This
>> is optional but I recommend it because the automatic choice often
>> creates problems for me.
>> -----
>>
>> Best regards
>> Nio
> 
> 
>

References

encrypted home does not work alone
From: Nio Wiklund, 2015-03-04
Re: encrypted home does not work alone
From: Nio Wiklund, 2015-03-05
Re: encrypted home does not work alone
From: Walter Lapchynski, 2015-03-12