On 16/08/2009 Ross Boylan wrote: > On Sun, 2009-08-16 at 21:44 +0200, Jonas Meurer wrote: > > neither crypt keys nor passwords are stored in the initramfs. you > > don't > > even need cryptsetup magic in the initramfs for encrypted non-root > > partitions. the only partition that needs to be decrypted within the > > initramfs is the root partition. > > If I have a LUKS encrypted root partition, will things just work? > I.e., when the initrd pivots, will I get a request for the passphrase of > the root partition and then it will proceed to boot as normal (and read > keys from /etc/cryptab to mount the other partitions)? yes, it should work exactly the way you described it. > It would be LUKS on top of LVM on top of software RAID. i didn't test such a setup myself yet, but at least luks on top of lvm works without any problems. > I believe to convert my to encrypted I'd need to make a new LVM volume, > create an encrypted device on top of it, and copy. Is there an easier > way? i would not encrypt the partition on-the-fly for security reasons, so yes the best way is to copy data from the unencrypted filesystem into a new, encrypted one. greetings, jonas
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
