matboe Posted January 25, 2016 Report Share Posted January 25, 2016 Hello, I have an encrypted LUKS root filesystem on one harddisk that I "open" with a passphrase at startup. The initrd.script of genkernel package provide the methods for decrypting. But if I understand the script(s) correct this will work only for encrypted root and swap devices. Normally I have my home directory on an additional raid10 setup which should be encrypted too. There is a comment at the top of the script which says that I need cryptsetup-luks for decrypting additional encrypted devices but this package does not exist anymore. Does someone is using a similar setup? Where would be the best place to add a hook for opening an additional LUKS container? For testing I added already some code to initrd.script and I was able to enter a passphrase to open the additional LUKS container but then the init script was not able to mount / to /newroot. Any ideas? Matthias Link to comment Share on other sites More sharing options...
matboe Posted January 28, 2016 Author Report Share Posted January 28, 2016 Ok, I found the solution: I had to edit /etc/conf.d/dmcrypt (there are already examples...) and did a rc-update add dmcrypt boot. After reboot everything worked as expected. Matthias Link to comment Share on other sites More sharing options...
Recommended Posts