Jump to content

Photo

How to open an additional LUKS container at startup (initramfs) beside root or swap devices

LUKS cryptsetup initramfs genkernel

Best Answer matboe , 28 January 2016 - 11:33 AM

Ok,

 

I found the solution: I had to edit /etc/conf.d/dmcrypt (there are already examples...) and did a rc-update add dmcrypt boot. After reboot everything worked as expected.

 

Matthias

Go to the full post »


1 reply to this topic

#1
matboe

matboe

    Newbie

  • Members
  • Pip
  • 0 posts

Hello,

 

I have an encrypted LUKS root filesystem on one harddisk that I "open" with a passphrase at startup. The initrd.script of genkernel package provide the methods for decrypting. But if I understand the script(s) correct this will work only for encrypted root and swap devices. Normally I have my home directory on an additional raid10 setup which should be encrypted too. There is a comment at the top of the script which says that I need cryptsetup-luks for decrypting additional encrypted devices but this package does not exist anymore. Does someone is using a similar setup? Where would be the best place to add a hook for opening an additional LUKS container?

 

For testing I added already some code to initrd.script and I was able to enter a passphrase to open the additional LUKS container but then the init script was not able to mount / to /newroot.

 

Any ideas?

 

Matthias



#2
matboe

matboe

    Newbie

  • Members
  • Pip
  • 0 posts
✓  Best Answer

Ok,

 

I found the solution: I had to edit /etc/conf.d/dmcrypt (there are already examples...) and did a rc-update add dmcrypt boot. After reboot everything worked as expected.

 

Matthias





Reply to this topic



  



Also tagged with one or more of these keywords: LUKS, cryptsetup, initramfs, genkernel

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users