I will have a look at the anaconda log. Thanks for the first help. I will have to buy a new Ultrabay case. Am 6. März 2015 07:10:31 MEZ, schrieb Chris Murphy <lists@xxxxxxxxxxxxxxxxx>: >On Thu, Mar 5, 2015 at 10:25 PM, Tim <lists@xxxxxxxx> wrote: >> Hi Chris, >> >> thanks for your answer. >> >> It is the first time I decided to encrypt my lvm. I choosed to >encrypt the >> volume group, not every logical volume itself, because in case of >doing lvm >> snapshots in that group they will be encrypted too? > >Yes, anything that's COW'd is also encrypted in this case. > >> And how do I create a new encrypted volume group? > >Strictly speaking the VG isn't the target of the encryption, the >underlying PV is. Also, it's not absolutely necessary to partition the >drive at all if you have no need for unencrypted space on this new >drive. Since I use drives on multiple platforms, I always partition so >that other OS's recognize the drive space is spoken for instead of >appearing unpartitioned and hence blank. Linux via libblkid always >looks at disk contents whether partitioned or not so if this is a >Linux only drive you don't have to partition it. > >1. Use cryptsetup to create a LUKS volume on the whole disk or a >partition thereof. For the exact command, you can cheat by doing 'grep >cryptsetup /var/log/anaconda/program.log' which will show you the >command Anaconda used when setting up your first drive. PLEASE make >sure you don't use that command directly or it'll wipe the LUKS header >on your current drive. You have to change the /dev/sdX designation to >point to the new drive or partition. > >2 cryptsetup luksOpen /dev/sdX newdrive >3. pvcreate /dev/mapper/newdrive >4. vgcreate newvg /dev/mapper/newdrive >5. lvcreate -L 300G -n morestuff newvg >6. mkfs.xfs /dev/mapper/newvg-morestuff > >Adapt as needed. Don't forget crypttab is used to point to the LUKS >volume, once it's unlocked the PV is revealed and lvm will activate >the VG and the LVs on it, and then in your fstab you'll have the UUID >for the XFS volume and mount this whereever you want it mounted. > > > > >-- >Chris Murphy >_______________________________________________ >CentOS mailing list >CentOS@xxxxxxxxxx >http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos