gabriel-del
-
Posts
2 -
Joined
-
Last visited
Content Type
Profiles
Forums
Blogs
Posts posted by gabriel-del
-
-
Hello, I have a crypted /home (/dev/mapper/lvm-home) inside lvm, and a keyfile on /boot (/dev/sda1): /boot/keyfile
Why: On normal days, it boot automatically, but on vacations/trips I delet the /boot/keyfile and people can't access.
On ArchLinux it worked with:
[ /etc/default/grub ]
GRUB_CMDLINE_LINUX="cryptdevice=/dev/mapper/lvm-home:home cryptkey=/dev/sda1:ext4:/.boot root=/dev/mapper/lvm-funtoo dolvm rootfstype=ext4"
and before: grub-mkconfig -o /boot/grub/grub.cfg
On Funtoo I tried the same and:
[ /etc/crypttab ]
home UUID=44ae1749-28d7-4f35-9948-e02b747213cf /dev/disk/by-uuid/013e1dc7-cb3f-4a90-8b4e-251179adcbe5:/keyfile luks,initramfs
[ /etc/conf.d/dmcrypt ]
target=home
source=UUID=44ae1749-28d7-4f35-9948-e02b747213cf
key=/dev/disk/by-uuid/013e1dc7-cb3f-4a90-8b4e-251179adcbe5:/keyfile
With "genkernel --lvm --luks initramfs" after all.
[ /boot/grub/grub.cfg ]
linux /kernel-debian-sources-x86_64-5.10.40_p1 root=/dev/mapper/lvm-funtoo ro cryptdevice=/dev/mapper/lvm-home:home cryptkey=/dev/sda1:ext4:/keyfile root=/dev/mapper/lvm-funtoo dolvm rootfstype=ext4 loglevel=7
echo 'Loading initial ramdisk ...'
initrd /early_ucode.cpio /initramfs-genkernel-x86_64-5.10.40_p1-debian-sources[ /etc/fstab ]
/dev/mapper/lvm-funtoo / ext4 defaults 0 1
/dev/sda1 /boot ext4 defaults 0 0
/dev/mapper/home /home ext4 defaults 0 0
/home/.swap none swap sw 0 0
/home with luks on lvm and key on /boot
in Desktop Help
Posted
Thank you for the reply!!
I tried the:
sed '/MODULES_CRYPT/ s/\"$/ af_alg algif_skcipher\"/' -i /usr/share/genkernel/arch/$(arch)/modules_load
and:
genkernel --clean --luks --lvm --disklabel --ramdisk-modules --fullname=$(ls /boot/initramfs-* | tail -c +17) initramfs
But stil don't work.
As the only encrypet partition is the /home (the / is not), it should work even without use kernel parametrs, right?
For example using the crypttab or dmcrypt.