Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Oh, I've seen copies [of Linux Journal] around the terminal room at The Labs. -- Dennis Ritchie

computers / alt.os.linux.slackware / Re: sshfs +cryptsetup volume, what's wrong?

SubjectAuthor
* sshfs +cryptsetup volume, what's wrong?slash
`* Re: sshfs +cryptsetup volume, what's wrong?Petri Kaukasoina
 `- Re: sshfs +cryptsetup volume, what's wrong?Erte Ribbile

1
sshfs +cryptsetup volume, what's wrong?

<uqgbjm$26r5i$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=2173&group=alt.os.linux.slackware#2173

  copy link   Newsgroups: alt.os.linux.slackware
Path: i2pn2.org!i2pn.org!news.hispagatos.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: sla...@invalid.invalid (slash)
Newsgroups: alt.os.linux.slackware
Subject: sshfs +cryptsetup volume, what's wrong?
Date: Tue, 13 Feb 2024 19:13:51 +0100
Organization: A noiseless patient Spider
Lines: 50
Message-ID: <uqgbjm$26r5i$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 13 Feb 2024 18:15:19 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="6a564c65c345e769d810a1f0d3a403d5";
logging-data="2321586"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+l4tgd9S1AEC1LOx2ZTvfV7U2OQwTFdYo="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:uCDW0F4N+882l56GZpxhNdSyJKo=
Content-Language: en-US
 by: slash - Tue, 13 Feb 2024 18:13 UTC

Hi all,

I'm trying to create/mount an encrypted volume on an sshfs mount. This
is what I do:

#1 I mount a remote directory:
slash@darkstar:~$ sshfs remotehost:/home/slash/ /mnt/remotehost/
Enter passphrase for key '/home/slash/.ssh/id_rsa':

#2 I create a volume:
slash@darkstar:~$ dd if=/dev/zero of=/mnt/remotehost/myvol.luks bs=50M
count=1
1+0 records in
1+0 records out
52428800 bytes (52 MB, 50 MiB) copied, 4.49761 s, 11.7 MB/s

#3 Encrypt the volume:
slash@darkstar:~$ cryptsetup -y -v -s 512 -c aes-xts-plain64 -h sha512
--use-random luksFormat /mnt/remotehost/myvol.luks

WARNING!
========
This will overwrite data on /mnt/remotehost/myvol.luks irrevocably.

Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for /mnt/remotehost/myvol.luks:
Verify passphrase:
Key slot 0 created.
Command successful.

#4 Open the encrypted volume:
slash@darkstar:~$ sudo cryptsetup -v luksOpen /mnt/remotehost/myvol.luks
myvol
Device /mnt/remotehost/myvol.luks does not exist or access denied.
Command failed with code -4 (wrong device or file specified).

#######################################################################################
Why do I get this error? The file exists, the remote directory is mounted:
#######################################################################################

slash@darkstar:~$ mount
remotehost:/home/slash/ on /mnt/remotehost type fuse.sshfs
(rw,nosuid,nodev,relatime,user_id=1000,group_id=100)

slash@darkstar:~$ ls -hal /mnt/remotehost/
-rw-r--r-- 1 slash users 50M Feb 13 18:50 myvol.luks

--
/

Re: sshfs +cryptsetup volume, what's wrong?

<uqgkf7$28dfr$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=2174&group=alt.os.linux.slackware#2174

  copy link   Newsgroups: alt.os.linux.slackware
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: kaukasoi...@sci.fi (Petri Kaukasoina)
Newsgroups: alt.os.linux.slackware
Subject: Re: sshfs +cryptsetup volume, what's wrong?
Date: Tue, 13 Feb 2024 20:46:31 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <uqgkf7$28dfr$1@dont-email.me>
References: <uqgbjm$26r5i$1@dont-email.me>
Injection-Date: Tue, 13 Feb 2024 20:46:31 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="b50bef0cc654f7047ccb49099e234043";
logging-data="2373115"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18bXuZa4VIdU5YstLqHtKIGZhQDlhurLyE="
Cancel-Lock: sha1:0rddxTBRRmf0H8Wl2w7I3po/K6Q=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: kaukasoina3dore73js4@sci.fi (Petri Kaukasoina)
 by: Petri Kaukasoina - Tue, 13 Feb 2024 20:46 UTC

slash <slash@invalid.invalid> wrote:
>slash@darkstar:~$ sshfs remotehost:/home/slash/ /mnt/remotehost/
....
>slash@darkstar:~$ sudo cryptsetup -v luksOpen /mnt/remotehost/myvol.luks myvol
>Device /mnt/remotehost/myvol.luks does not exist or access denied.

By default, root can't access your fuse fs. You can add '-o allow_root' to
the sshfs command. To be able to add that as a regular user, you also need
'user_allow_other' in /etc/fuse.conf. See 'man mount.fuse'.

Re: sshfs +cryptsetup volume, what's wrong?

<uqhunc$2ijek$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=2175&group=alt.os.linux.slackware#2175

  copy link   Newsgroups: alt.os.linux.slackware
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: erteribb...@sfracel.li (Erte Ribbile)
Newsgroups: alt.os.linux.slackware
Subject: Re: sshfs +cryptsetup volume, what's wrong?
Date: Wed, 14 Feb 2024 09:47:40 +0100
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <uqhunc$2ijek$1@dont-email.me>
References: <uqgbjm$26r5i$1@dont-email.me> <uqgkf7$28dfr$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 14 Feb 2024 08:47:40 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="b4891af18455ceacb6d335dfce1c1fdf";
logging-data="2706900"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18O30uhxyNG5cgISebL6gsBhDtKY8D3+gE="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:AOfWjPnzedvbasDV8g028NyEa64=
Content-Language: en-US
In-Reply-To: <uqgkf7$28dfr$1@dont-email.me>
 by: Erte Ribbile - Wed, 14 Feb 2024 08:47 UTC

On 2/13/24 21:46, Petri Kaukasoina wrote:
> slash <slash@invalid.invalid> wrote:
>> slash@darkstar:~$ sshfs remotehost:/home/slash/ /mnt/remotehost/
> ...
>> slash@darkstar:~$ sudo cryptsetup -v luksOpen /mnt/remotehost/myvol.luks myvol
>> Device /mnt/remotehost/myvol.luks does not exist or access denied.
>
> By default, root can't access your fuse fs. You can add '-o allow_root' to
> the sshfs command. To be able to add that as a regular user, you also need
> 'user_allow_other' in /etc/fuse.conf. See 'man mount.fuse'.

Thanks Petri, 'sshfs -o allow_root...' did the trick.
'user_allow_other' in /etc/fuse.conf was already there.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor