OK I did not recognise it was for Opensuse leap 15 but it worked when running
I was doing this section:
11.1.3 Creating an Encrypted Virtual Disk
Instead of encrypting an entire disk or partition, you can use YaST to set up a file-based encrypted virtual disk. It will appear as a regular file in the file system, but can be mounted and used like a regular folder. Unlike encrypted partitions, encrypted virtual disks can be created without re-partitioning the hard disk.
To set up an encrypted virtual disk, you need to create an empty file first (this file is called loop file). In the terminal, switch to the desired directory and run the touch FILE command (where FILE is the desired name, for example: secret). It is also recommended to create an empty directory that will act as a mount point for the encrypted virtual disk. To do this, use the mkdir DIR command (replace DIR with the actual path and directory name, for example: ~/my_docs).
To set up an encrypted virtual disk, launch YaST, switch to the System section, and start Partitioner. Switch to the Crypt Files section and press Add Crypt File. Enter the path to the created loop file into the Path Name of Loop File field. Enable the Create Loop File option, specify the desired size, and press Next. In the Mount Point field, enter the path to the directory that serves as a mount point (in this example, it is ~/my_docs). Make sure that the Encrypt Device option is enabled and press Next. Provide the desired password and press Finish.
And I did the above and it worked I had a file area that was encrypted, well I think it was, all signs where good and then I shut the PC down for the night to come back again in the morning.
Unfortunately the start up now basically hangs waiting for something to happen at:-
A start job is running for dev-mapper-cr_secret.device (Xmins Y s/no limit)
I get no prompt for any password that I would assume it is waiting for it just hangs there for hours if I let it!
So what can I do to get my system back, assistance would be appreciated.
The operating system was up to date a few days ago when I did this, it would normally just log me in, without password is the any way I can undo what I have done or even get the system booted?
I then navigated to /home/adrian and with ls could see a directory called locked and inside a file called secret.
Could you please elaborate for me on the next section how to remove the lines in fstab and crypttab, could I just use vi and add a : or a ; to rem out a line or is it # ?
cd /etc
cp fstab fstab.orig
cp crypttab crypttab.orig
vi fstab # scroll to the bottom. last line should be mounting your my_doc, or whatever directory you created. Delete it and save.
vi crypttab # scroll to the bottom. last line should be mounting your my_doc, or whatever directory you created. Delete it and save.
Then reboot and you are good.
Then try again. It does work The secret file just can’t be inside the directory you use as a mount point.
I recommend creating a /home/adrian/mnt directory and then create a directory inside /home/adrian/mnt (e.g. /home/adrian/mnt/my_doc). That way if you need to mount other things in the future you mount them under your /home/adrian/mnt directory.
OK Sir I thank you for your patience, I am working again, I edited the files and rebooted, then I was able to remove the file it self, not sure if I have lost the space or not but that I will check out when I can.
Partitioner is not showing any crypt files and the disks are sda overall, sda1 for swap and sda2 for / and the sizes match up.
I will have a play when I next feel brave and I will read your comments as well as the wiki I think I understand that the files should not be within the directory as I am setting the directory to be the mount point for the file.
OK, looks like the only time I get to play with these things is around midnight.
But!
I have it working.
As before from terminal in home directory
~> touch secret
~> mkdir locked
Then into yast and followed the instructions to create the loop file, gave it a reasonable size of around 3Gig used /home/adrian/locked as the mount point added the password and it created it.
Restart of the computer it asked for the password and booted up OK.
Looked in Dolphin (file manager) and locked now has a lost and found folder in it, looking good so far.
But could not place anything in the locked folder, checked permissions and found as suspected only root could access. So File manager super user mode selected the locked folder and changed user to adrian and groups to users, selected apply to all sub folders and OK.
Out of super user mode and back into standard file manager and stick some documents into my locked folder.
Reboot computer and just hit return when prompted for the password (5 times) and the computer moves on and boots up, nothing is shown in the locked folder. The secret is there as a 3 Gig file in my home, but again not accessible.
Reboot again this time give it the password, boots up and once again I can access the files I stuck in the locked encrypted folder.
Job done.
Thanks for the help looks like the wiki page needs to be amended slightly to change the permissions as suggested.
It cannot be for Leap 15 because Leap 15 does not even have Crypt Files section in Partitioner; rather it is a bug in documentation which did not remove obsolete section.
Anyway, I briefly tested it on Leap 42.3 using instructions on this page and it worked fine. I used paths directly under / (/test-crypt.img and /test-crypt for mount point). Using paths inside of separate filesystem may lead to problems due to systemd units dependencies; it is hard to say without more information.
Thanks for the info on LEAP 15. I’m pretty sure I made the recommendation on the old LEAP 42.3 docs, since we were playing with 42.3. I never even looked at LEAP 15