I do not know if this is easier, but it has come up recently in discussions over the strength of large volumes using the same key. You might consider making the encrypted device on the partition, and then creating LVM over a set of encrypted devices. I have a luks encrypted root partition, and for a long time it has worked very well. I enter my password at boot and everything runs very smoothly. -MJ Ross Boylan wrote: > On Sun, 2009-08-16 at 21:44 +0200, Jonas Meurer wrote: >> neither crypt keys nor passwords are stored in the initramfs. you >> don't >> even need cryptsetup magic in the initramfs for encrypted non-root >> partitions. the only partition that needs to be decrypted within the >> initramfs is the root partition. > If I have a LUKS encrypted root partition, will things just work? > I.e., when the initrd pivots, will I get a request for the passphrase of > the root partition and then it will proceed to boot as normal (and read > keys from /etc/cryptab to mount the other partitions)? > > If I need to do more, some pointers would be great. > > It would be LUKS on top of LVM on top of software RAID. > > I believe to convert my to encrypted I'd need to make a new LVM volume, > create an encrypted device on top of it, and copy. Is there an easier > way? > > Thanks. > Ross > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
