Re: type one password, get many

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I do not know if this is easier, but it has come up recently in
discussions over the strength of large volumes using the same key.
You might consider making the encrypted device on the partition, and
then creating LVM over a set of encrypted devices.

I have a luks encrypted root partition, and for a long time it has
worked very well. I enter my password at boot and everything runs very
smoothly.

-MJ

Ross Boylan wrote:
> On Sun, 2009-08-16 at 21:44 +0200, Jonas Meurer wrote:
>> neither crypt keys nor passwords are stored in the initramfs. you
>> don't
>> even need cryptsetup magic in the initramfs for encrypted non-root
>> partitions. the only partition that needs to be decrypted within the
>> initramfs is the root partition.
> If I have a LUKS encrypted root partition, will things just work?
> I.e., when the initrd pivots, will I get a request for the passphrase of
> the root partition and then it will proceed to boot as normal (and read
> keys from /etc/cryptab to mount the other partitions)?
> 
> If I need to do more, some pointers would be great.
> 
> It would be LUKS on top of LVM on top of software RAID.
> 
> I believe to convert my to encrypted I'd need to make a new LVM volume,
> create an encrypted device on top of it, and copy.  Is there an easier
> way?
> 
> Thanks.
> Ross
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt
> 
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux