Leon Fauster wrote:>> Am 20.06.2017 um 16:53 schrieb m.roth at 5-cent.us: >> >> Upgraded a RAID. Copied everything from backup. >> >> And then my manager said I had to encrypt the drive. >> >> I've done that, and made the filesystem, but I can't mount it. >> >> CentOS 6. >> I have the entry in /etc/crypttab, and a key in /etc/crypt.pw, and the >> luks UUID in /etc/fstab. I cannot find the command that tells it to >> create the device in /dev/mapper from the info in /etc/crypttab. >> >> Clues for the poor? Yes, the server will, at some point in the future, >> go to CentOS 7, but that needs my user to be off for a while, and his jobs >> run literally for weeks, with loads upwords of 30 on an HBS (honkin' big >> server).... > > MAPDEVICE=/dev/sdxy ; cryptsetup luksOpen ${MAPDEVICE} luks-$(cryptsetup > luksUUID ${MAPDEVICE})Something's not right. I did cryptsetup luksOpen /dev/sdb luks-$(cryptsetup luksUUID $(/dev/sdb)) --key-file /etc/crypt.pw It did want the password, so I added --key-file, but it seems to have created /dev/mapper/luks, not the full luksUUID that's in both crypttab and fstab. mark> MAPDEVICE=/dev/sdxy ; mount /dev/mapper/luks-$(cryptsetup luksUUID > ${MAPDEVICE}) /mnt > > -- > LF > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
> Am 20.06.2017 um 17:12 schrieb m.roth at 5-cent.us: > > Leon Fauster wrote: >>> Am 20.06.2017 um 16:53 schrieb m.roth at 5-cent.us: >>> >>> Upgraded a RAID. Copied everything from backup. >>> >>> And then my manager said I had to encrypt the drive. >>> >>> I've done that, and made the filesystem, but I can't mount it. >>> >>> CentOS 6. >>> I have the entry in /etc/crypttab, and a key in /etc/crypt.pw, and the >>> luks UUID in /etc/fstab. I cannot find the command that tells it to >>> create the device in /dev/mapper from the info in /etc/crypttab. >>> >>> Clues for the poor? Yes, the server will, at some point in the future, >>> go to CentOS 7, but that needs my user to be off for a while, and his jobs >>> run literally for weeks, with loads upwords of 30 on an HBS (honkin' big >>> server).... >> >> MAPDEVICE=/dev/sdxy ; cryptsetup luksOpen ${MAPDEVICE} luks-$(cryptsetup >> luksUUID ${MAPDEVICE}) > > Something's not right. I did > cryptsetup luksOpen /dev/sdb luks-$(cryptsetup luksUUID $(/dev/sdb)) > --key-file /etc/crypt.pw > > It did want the password, so I added --key-file, but it seems to have > created /dev/mapper/luks, not the full luksUUID that's in both crypttab > and fstab.unmap: cryptsetup luksClose /dev/mapper/luks and then try again with following correction NOT ...UUID $(/dev/sdb) ...UUID /dev/sdb -- LF
Leon, Leon Fauster wrote:>> Am 20.06.2017 um 17:12 schrieb m.roth at 5-cent.us: >> Leon Fauster wrote: >>>> Am 20.06.2017 um 16:53 schrieb m.roth at 5-cent.us:<snip>>>>> I've done that, and made the filesystem, but I can't mount it. >>>> >>>> CentOS 6. >>>> I have the entry in /etc/crypttab, and a key in /etc/crypt.pw, and the >>>> luks UUID in /etc/fstab. I cannot find the command that tells it to >>>> create the device in /dev/mapper from the info in /etc/crypttab.<snip>>>>>>> >>> MAPDEVICE=/dev/sdxy ; cryptsetup luksOpen ${MAPDEVICE} >>> luks-$(cryptsetup >>> luksUUID ${MAPDEVICE}) >> >> Something's not right. I did >> cryptsetup luksOpen /dev/sdb luks-$(cryptsetup luksUUID $(/dev/sdb)) >> --key-file /etc/crypt.pw >> >> It did want the password, so I added --key-file, but it seems to have >> created /dev/mapper/luks, not the full luksUUID that's in both crypttab >> and fstab. > > unmap: cryptsetup luksClose /dev/mapper/luks > > and then try again with following correction > > NOT ...UUID $(/dev/sdb) > ...UUID /dev/sdbThank you *very* much for the help, and such fast responses. Googling hadn't been helpful.... I'm good now (and will be documenting it for my manager and the other admin). mark