Encrypted Root with F11

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I apologize if this has been asked before, I checked the most recent
archives and didn't find anything.

I've successfully set up two separate LUKS encrypted logical-volumes,
one for home and one for root. Everything appeared to be working
fine, until I tried to delete my old root logical-volume and found
out it was still in use: the kernel was using it as the root,
even though mount had then replaced it at / with the encrypted
one. So I tried simply changing the root parameter to the kernel
(from grub.conf) so it points to the encrypted one, but when I
boot, the startup routine stops after a little while and just
hangs there until I ctrl-alt-del, and then it restarts. I don't
think it's reaching init, because I haven't seen any of the usual
"Starting some server... [OK]" messages. I guess that makes sense
if it's failing to load the root device, it wouldn't get to init.

So can anyone help me get this set up properly? I have a basic
understanding of the boot process and I guess that something needs
to be changed in initrd to tell it to unlock the encrypted root
disk before mounting it. But I have no idea how to do that.

On a related note, can anyone explain what's actually required
of the root FS loaded by the kernel? I tried setting up just a
1GB empty ext3 filesystem to use as the root, and then let mount
replace it with the encrypted one once init starts, but this also
caused the startup process to hang: apparently having a filesystem
alone is insufficient, there actually needs to be some stuff on it?

I'm using Fedora 11 on a Compaq Presario laptop (x86).

Many thanks for any help,
- -Brian

- --
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iQEcBAEBAgAGBQJKQ3DgAAoJEHOUulIkSI7cJQgH/0V4qxE9hMJaLK/79tsczNmP
sDf48rhd0dJGhF+cvHtQg+57F3j0GX6nHYvD6810xApd5eTzALJ2/Ug6BOgC2aL5
dw+kw6rebquyXDCrknsAavxWZNkRJYooTguOSSPIwP2815aAG7wWoecqR+ESzaO3
yQfLM5tUPo+xVkBdlC8NS+UO9+nKFXlfTTO1qCexutwxsJdwSvXJvZ4Hiu2r68jz
7PAtr4QkR1PSUyxpTY08wcZV39s1F+X9WzE99lKoz/KjHymLvSOrkW8kS7OSAyoH
EK5AfujeZ85HMu1Hf2bw4D6OgSq9l2yHTZ8yZpQEIPNrv0+/36JijmN/2MLz4Xs=
=1Na5
-----END PGP SIGNATURE-----

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux