I am currently using a luks-formatted software raid device made up of four hard drives as a boot device. My initramfs first runs mdadm to assemble to raid device and then runs cryptsetup to decrypt the volume. I want to experiment with the raid features of btrfs while still using encryption, but that means that I will need to encrypt each drive individually. If I use luks as normal that means entering four passphrases every time the system boots. I could get around this by using an external key and encrypting it via GPG, but this has a few downsides: it's easier to lose the key, the GPG passphrase interface does not allow for passphrase retries and including GPG makes the initramfs larger. What I would like to do is use the kernel keyring capability (CONFIG_KEYS) so that I could enter the passphrase for the first device and have cryptsetup use that stored key for the other three devices. Is there any way to enable this functionality? _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
