Re: Automatically mount LUKS LVM on boot?

Hi Dáire,

While this is not really dm-crypt/cryptsetup related, but rather a question of the used distro and desktop environment (etc.), I'll try to give you some hints on this:

As long as the volume is listed in crypttab and the key is provided, the crypto mapping will be set up during boot. If you don't want that, you'd have to revert those changes. (Automatic setup of a crypto mapping with a locally stored key is somewhat pointless, as you can imagine.)

It is not that easy by just looking at the commands you ran, to judge what is going on right now. You'll certainly have to provide additional info, but I am sure the Ubuntu community would be a greater help, as it knows the intrinsics of the distro.

One thing I want to add though is this:
You will NOT be able to do a single password entry for both decryption and login. You could possibly disable passwords for login (if that makes sense to you). You could skip the password for decryption, if the 'passphrase/key' is stored on an external drive (USB thumb drive) and you physically secure it and instead use a sign-on password. And if you really insist on a single sign-on, you'd have to have some sort of password cache daemon that provides the password at a later stage, but then again this makes password-based logins pointless.

So, first choose your modus operandi, then try setting it up.

Regards

-Sven

On 16.01.2016 at 23:33, Dáire Fagan wrote:
I have tried following different guides on this but none seem to do
exactly what I am trying so I had to work with different parts from
different guides.

Using the following I made it so Ubuntu would not boot, although I was
able to remedy this by booting into Ubuntu recovery, dropping to a root
shell, and putting fstab back as it was: HOWTO: Automatically unlock
LUKS encrypted drives with a keyfile
<http://ubuntuforums.org/showthread.php?t=837416>

When I started I had just set up LUKS with LVM. I was able to mount the
main volume hdd1 by clicking on it from the launcher in Ubuntu and
entering my password, but I need to set it up to mount on boot.

Even after the change I made in fstab - undoing what the guide
recommended - now when I boot a volume is mounted of 973GB although I
cannot write to it. Apart from that I am not sure if it is otherwise
working as it should, or if say for instance it is left decrypted all of
the time.

Can you please look through the commands from my bash history and tell
me anything I need to undo, the correct commands to do this, and any
extra commands I need to enter to achieve what I am after, physical
volume sda1 decrypted on boot, and the logical volumes swap and hdd1
automatically mounted, one password input on boot preferred, so I do not
have to enter one to login and another to decrypt. This is all on a
completely separate drive to my / and /home partitions.

If relevant one of the commands used during LUKS and LVM setup was:

pvcreate /dev/mapper/enc-pv

I mention that now as it is referenced in another command.

The logical volumes:

dusf@roadrunner:~$ sudo lvdisplay
   --- Logical volume ---
   LV Path                /dev/vg/swap
   LV Name                swap
   VG Name                vg
   LV UUID                HBEt92-E8MQ-aCAu-DBDz-7VeJ-KLom-JeJ9k8
   LV Write Access        read/write
   LV Creation host, time roadrunner, 2016-01-16 20:36:42 +0000
   LV Status              available
   # open                 0
   LV Size                10.00 GiB
   Current LE             2560
   Segments               1
   Allocation             inherit
   Read ahead sectors     auto
   - currently set to     256
   Block device           252:1

   --- Logical volume ---
   LV Path                /dev/vg/kali
   LV Name                kali
   VG Name                vg
   LV UUID                BeWqMO-DQAf-zcAp-RJAf-vmaY-OZbt-GLQIWx
   LV Write Access        read/write
   LV Creation host, time roadrunner, 2016-01-16 20:40:39 +0000
   LV Status              available
   # open                 0
   LV Size                15.00 GiB
   Current LE             3840
   Segments               1
   Allocation             inherit
   Read ahead sectors     auto
   - currently set to     256
   Block device           252:2

   --- Logical volume ---
   LV Path                /dev/vg/HDD1
   LV Name                HDD1
   VG Name                vg
   LV UUID                xFw2Yu-li8I-Ooav-Yjk2-P38q-CZeG-dmdhSl
   LV Write Access        read/write
   LV Creation host, time roadrunner, 2016-01-16 20:51:00 +0000
   LV Status              available
   # open                 1
   LV Size                906.51 GiB
   Current LE             232066
   Segments               1
   Allocation             inherit
   Read ahead sectors     auto
   - currently set to     256
   Block device           252:3

Commands I entered to try and automount:

   156  sudo dd if=/dev/urandom of=/root/keyfile bs=1024 count=4
   157  sudo chmod 0400 /root/keyfile
   160  sudo cryptsetup luksAddKey /dev/sda1 /root/keyfile
   161  sudo vi /etc/crypttab

I added the line: enc-pv      /dev/sda1  /root/keyfile  luks

   162  sudo vi /etc/fstab

I added the line: /dev/mapper/enc-pv  /media/sda1     ext4    defaults       0       2

   163  sudo mount -a
   164  mkdir /media/sda1
   165  sudo mkdir /media/sda1
   166  sudo mount -a


_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
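
The following is an added example, not code from either message in the thread. It classifies each crypttab entry by how it is unlocked at boot (the keyfile case is the one the reply calls pointless when the key is stored locally), checks a keyfile's permission bits, and lists fstab lines that mount a crypttab mapping directly. The function names and the sample files are assumptions, constructed from the two lines quoted in the post.

```shell
#!/bin/sh
# Added example (not from the thread): audit crypttab/fstab for unattended unlock.

# unlock_mode CRYPTTAB -> one line per entry: "<name> <mode> [<keyfile>]"
#   prompt  : key field is none, "-" or missing; passphrase is asked at boot
#   random  : throwaway key from /dev/urandom or /dev/random (typical for swap)
#   keyfile : key read from a file; the mapping opens with no user input
unlock_mode() {
    while read -r name src key rest; do
        case "$name" in ''|'#'*) continue ;; esac
        case "${key:-none}" in
            none|-)                   echo "$name prompt" ;;
            /dev/urandom|/dev/random) echo "$name random" ;;
            *)                        echo "$name keyfile $key" ;;
        esac
    done < "$1"
}

# key_mode_ok FILE -> succeeds only if group and others have no access bits
# (uses GNU/busybox "stat -c"; 0400 and 0600 pass, 0644 does not)
key_mode_ok() {
    case "$(stat -c %a "$1")" in *00) return 0 ;; *) return 1 ;; esac
}

# direct_mounts CRYPTTAB FSTAB -> mount points whose fstab device is
# /dev/mapper/<name> for a crypttab entry. When that mapping holds an LVM
# physical volume, the filesystem is on a logical volume, not on the mapping.
direct_mounts() {
    unlock_mode "$1" | while read -r name mode rest; do
        while read -r dev mnt more; do
            if [ "$dev" = "/dev/mapper/$name" ]; then echo "$mnt"; fi
        done < "$2"
    done
}

# Constructed sample files mirroring the two lines quoted in the post
demo_dir=$(mktemp -d)
printf '%s\n' '# <name> <device> <key> <options>' \
    'enc-pv      /dev/sda1  /root/keyfile  luks' > "$demo_dir/crypttab"
printf '%s\n' '/dev/mapper/enc-pv  /media/sda1  ext4  defaults  0  2' \
    > "$demo_dir/fstab"

unlock_mode "$demo_dir/crypttab"
direct_mounts "$demo_dir/crypttab" "$demo_dir/fstab"
```

On a real system, point the functions at /etc/crypttab and /etc/fstab and run key_mode_ok as root against each reported keyfile.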
