Encrypted disk without a separate “/boot”

When support for legacy grub (or grub1) was dropped for opensuse 13.2, one of the reasons was to make it easier to support encryption without a separate unencrypted “/boot” partition.  Recent releases of grub2 have some support for accessing encrypted file systems, so it was mostly a matter of adding support to the installer.

I decided to test how that works.  So I did a test install of opensuse 13.2 into an encrypted LVM, without a separate “/boot”.  The Yast installer was happy with that.  It did not complain that there was no “/boot”.  So I continued through the full install.

There were no install errors reported.  But it didn’t work.  Instead, while booting, I got a grub shell.  And the grub shell did not offer any commands related to crypto.

Read More…

My February install

As previously mentioned, I am periodically doing a throwaway install of Tumbleweed to test the installer.  This one went smoothly, so this will be a short post.

Downloading

I downloaded the DVD installer for snapshot 20150201.  Apparently, just about everything was recompiled, so a simple update of my existing system would have downloaded almost as much as the DVD image.  As usual, I used “aria2c” to download.  And that went at about my usual speed (it takes a little under an hour for the download).  Again, as usual, I wrote the downloaded iso image to a USB flash drive and used that for the install.  I downloaded on Feb 03. Read More…

Legacy install on a UEFI box

In a recent post, I mentioned the issue of installing opensuse for legacy booting, even though the installer was booted using UEFI.  I suggested that it was possible.

I have since tested that, and it worked as expected.

Partitioning

In this case, I installed to an external drive, because my internal drives all used GPT partitioning.  And part of the issue was whether I could retain legacy partitioning.

If you want to try this, it is important that you create the partitions you want before you start the installer.  All of the evidence I have seen suggests that if you partition during the install, then the disk will be converted to GPT partitioning.  So partition first, install later.

I used an already partitioned 80G external drive.  It’s really an old IDE hard drive in an external enclosure.  It is partitioned with a 500M “/boot” (formatted “ext2″), and the rest of the disk in an encrypted LVM containing root, home and swap volumes. Read More…

Changes to “gpg”

After updating my Tumbleweed system last week, I noticed that something had changed with “gpg”.  Or, more explicitly, “gpg” was not working at all.  This was immediately noticeable, because I had configured “kdewallet” to use “gpg” for encryption.

Okay, that’s a bug.  It will presumably be fixed before opensuse 13.3 is released.  For now, I had to find out what was up and how to work around the problem.

What changed?

The specific Tumbleweed change was an update of gpg from version 2.1.0 to 2.1.1.  The major change was already there in 2.1.0, but I had not noticed it because everything that I was doing still worked.  The 2.1.1 update broke that.

The specific change was to remove support for old pgp2 keys.  These are the type of key introduced with pgp2 in the early 1990s.  They use RSA  (for the public key encryption) and the md5 digest algorithm for hashing.  These days, the md5 hash is considered too weak.

Read More…

Goodbye, Synaptiks

Yesterday, snapshot 20150115 for opensuse Tumbleweed showed up.  So I updated my system.  While updating, I noticed that “synaptiks” was being removed.

That’s not a problem on that system, since it is a desktop so does not have a touchpad.  But I have been relying on “synaptiks” for several years on my laptop, so I investigated.

Checking the repos

After the update, I rebooted.  Then I opened Yast Software Management to see if synaptiks was still in the repo.  It was.  So I selected it for install.

A conflict resolution dialog popped up.  I was hoping for that, as it would tell me something about why “synaptiks” was removed.

Read More…

Installing Tumbleweed, Jan 2015

I am planning to do a clean install of Tumbleweed every month.  This will usually be a throwaway install.  That is, I won’t be intending to keep the installed system.  Rather, I am trying out the installer and I will report any bugs that I might find.  I’m doing this because Tumbleweed is, in effect, a preview of the next mainline release (opensuse 13.3).

On this occasion, my install was to my laptop.  I actually installed to an external 80G hard drive connected to the laptop.

Quick summary

The quick summary is that install mostly went well.  I went with defaults for many options, so that the install resulted in the KDE desktop.  The main surprise was to notice that the default MTA (mail transfer agent) is now “exim” rather than “postfix”. Read More…

UEFI vs. Legacy booting; clearing some confusion

This post is prompted by a couple of case where people were having problems:

  • An opensuse mailing list thread here and continued here;
  • an opensuse forum thread here.

In both cases, the user had a UEFI capable computer, but wanted to install opensuse to use Legacy booting (also called MBR booting).  In both cases, they already had an installed Windows system that used legacy booting.  They wanted to install opensuse for legacy booting for better compatibility.

I usually prefer to install for UEFI booting.  That’s a better way of booting.  But in this case, the users were right that they should install for Legacy booting.

In both of these cases, the user thought that he had configured the BIOS to use legacy booting.  However, in both cases, the opensuse install  media was booted using UEFI.  And that is where things became confused. Read More…

Tracking down a bug

A few days ago I ran into a problem with my Tumbleweed install.  In this post, I’ll describe what happened and how I investigated it.

I had just updated to the 20141225 snapshot.  The availability of that snapshot had been announced on the factory mailing list.  I updated using the command

# zypper dup

During the dialog for the update, I noticed that this included an updated kernel (3.18.1-1-desktop).

Rebooting

After the update, I rebooted to make sure that I was using the newly installed software.  And that’s where I ran into problems.  My Tumbleweed system is using an encrypted LVM.  So, as expected, I was prompted for the encryption key during the boot.  When I tried to type in the key, nothing happened.  It looked as if the keyboard was not being read.  Note that this system is using a generic USB keyboard.  It’s actually a Dell keyboard, though the computer itself is a Lenovo.

Read More…

2014 in review

The WordPress.com stats helper monkeys prepared a 2014 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 60,000 times in 2014. If it were a concert at Sydney Opera House, it would take about 22 sold-out performances for that many people to see it.

Click here to see the complete report.

An update on the logitech M325 mouse

It is almost two years since I reviewed the M325.  Since then I have bought a second one, so I guess I must like it.

My first M325 was for my laptop.  I’m using the second one on my main desktop.

A negative

I’ll start with what I don’t like.  The scroll wheel is too sensitive.  It takes too little force to move.  So if my finger bumps against the scroll wheel, I’ll accidentally scroll the current window.  I more-or-less have that under control, but I still occasionally scroll when I don’t intend to.

A bluetooth mouse that I bought a few years ago was even worse for this.  So I guess people like that easy scroll behavior.  However, I’m used to also using the scroll wheel for middle-click.  So I had to learn to avoid accidentally scrolling while middle clicking.

Wireless signal

The wireless signal strength seems to be weak.  Overall this is probably a good thing, for it means that outsiders will have trouble picking it up.

Read More…

Follow

Get every new post delivered to your Inbox.

Join 37 other followers