[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: ARE: Changing journaling mode on root / loop-aes



Ivan:

	Well there are some several reasons for using GRUB, where it
seems to do a far better job than lilo.

	Firstly, I can more easily edit kernel options using grub, and
if I am building a kernel and I do not run lilo before rebooting I just
wasted time and efforts. I also can easily edit kernel command line
options right as the boot process begins, rather than having to edit
/etc/lilo.conf and rerun the lilo command again.

	Secondly, I need the initrd because I am planning the
implementation of loop-aes as my encryption layer for encrypting the
root partition. This makes requisite the need for an initrd, and for the
ext3 modules to NOT be part of the kernel. Perhaps one day RedHat (as
did SuSE) will offer a form of encrypting filesystem (see
loop-aes.sourceforge.net), which allows both the root and other (/home
for example) partitions to be encrypted using an encryption standard as
powerful as what the NSA approved (AES-256). In the way I plan to
configure my system, I will have AES-256 encryption for root and /home
partitions!

	Thirdly, I intend to implement a module to use the smartcard
reader I have to allow my CAC (DOD ID card, which I will be issued this
year) as the means of supplying the passphrase for loop-aes; this again
must be done via initrd as a part of the boot up process.

	I had given some attention to the "indenticator" as a potential
means of using a fingerprint scanner as the input for the passphrase,
but I opted with the smartcard reader, since the cost was much lower and
result not too much different from using the indenticator. The smartcard
reader costs $17, whereas the fingerprint scanner would have cost
significantly more with not much of a greater ROI.

	Lastly, my machine triple-boots XP, Solaris and Linux, and I
find GRUB to be a far better boot loader than lilo. Lilo is passé and
many Linux users are moving wholesale to GRUB. I also intend to one-day
run "hurd", and for a booting of hurd you must use GRUB.


Very Respectfully, 

Stuart Blake Tener, IT3 (E-4), USNR-R, N3GWG 
Beverly Hills, California
VTU 1904G (Volunteer Training Unit) 
stuart bh90210 net 
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043 
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859 

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!) 

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL. 

Tuesday, July 09, 2002 1:17 AM


-----Original Message-----
From: Ivan Ivanov [mailto:ivandi vamo orbitel bg] 
Sent: Monday, July 08, 2002 11:04 PM
To: Tener, Stuart B., IT3 , USNR-R
Cc: 'Bill Rugolsky Jr.'; ext3-users redhat com
Subject: Re: ARE: Changing journaling mode on root / loop-aes



> 	Generally I stay away from using rawhide RPMs since they can
> have bugs and as I understand it, and is not production level ready.
> Thus, it is quite interesting that if there is a fix for this (which
is
> script based, not code needing recompilation and distribution of new
> binaries), why there is no new update available via up2date?
>
> 	I will get the most recent mkinitrd from the rawhide
> distribution, and see if it fixes the problem.
>


This is the most complicated way to boot a linux box that I ever heared.
Why dont't you simple recompile your kernel with ext3 support and boot
your box using lilo.


Cheers
Ivan









[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]