keyctl add encrypted throws 'no such device'?

Support for security such as Firewalls and securing linux
Post Reply
ajiw
Posts: 2
Joined: 2014/10/24 02:57:36

keyctl add encrypted throws 'no such device'?

Post by ajiw » 2014/10/24 03:06:57

Hi, I’m implementing ecryptfs with ‘encrypted’ key type and I use Centos 6.5 with kernel 3.10.55 currently (I did an upgrade manually).
However, every time I try to do ‘keyctl add encrypted …..’ (want to implement https://www.kernel.org/doc/Documentatio ... ryptfs.txt), it always give me error with ‘add_key: no such device’. Thus, really appreciate if someone could give me some hints. Thanks.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: keyctl add encrypted throws 'no such device'?

Post by TrevorH » 2014/10/24 09:34:40

Sounds like you left some modules out of your custom kernel but I have no idea what they might be. This is one reason why we only support CentOS supplied kernels.

You might want to look at luks instead. In CentOS 7 they have deprecated ecryptfs in favour of luks.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

ajiw
Posts: 2
Joined: 2014/10/24 02:57:36

Re: keyctl add encrypted throws 'no such device'?

Post by ajiw » 2014/10/27 16:09:23

I don't think it is custom kernel as I use kernel-firmware-3.10.55-11.el6.centos.alt.noarch.rpm which I downloaded from http://vault.centos.org/6.5/xen4/Source/SPackages/. The reason of using ecryptfs is to encrypt system's data at the folder level in the server instead of encrypting the entire partition and we wanna use keyring management to store the passphrase. Kindly advise.

joeldavis33
Posts: 1
Joined: 2017/04/05 14:21:39

Re: keyctl add encrypted throws 'no such device'?

Post by joeldavis33 » 2017/04/05 14:26:35

I know this is old, but I was struggling and found this early on when I was trying to answer the same question. Replying for posterity.

I had to do a

Code: Select all

modprobe encrypted-keys
to avoid the above error message on CentOS 7. I would assume the same is going to be true for CentOS 6 although I don't have a machine handy to check. After that I was able to add encrypted keys exactly how it's show in the Kernel docs.

Post Reply