Re: LUKS + dm-crypt Debian/Ubuntu expanding encrypted root LV onto 2nd disk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Guilhem, those links are very helpful but I have not solved it yet. Another change in the new cryptsetup is LUKS2 and use of the kernel keyring, so when run from a booted system dmcrypt_derived just returns a message that the source crypt device uses the keyring - I don't know how to obtain the actual key to use it in the creation of the second crypt device (or maybe it is impossible).

On Wed, 22 May 2019 at 18:16, Guilhem Moulin <guilhem@xxxxxxxxxxx> wrote:
Hi Dominic,

On Wed, 22 May 2019 at 13:53:07 +0100, Dominic Raferd wrote:
> Thanks Arno, I think it is Debian really (rather than Ubuntu), but I
> couldn't see where to ask except here. Will dig some more.

For Debian you could file a bug against the ‘cryptsetup-initramfs’
package, see https://tracker.debian.org/pkg/cryptsetup and
https://www.debian.org/Bugs/ .

(‘Severity: wishlist’ I guess; at least your custom patch not applying
anymore isn't hinting at a regression.)

Also FWIW we (Debian packaging team) have native support for unlocking
multiple devices at early boot stage with a single passphrase prompt,
see /usr/share/doc/cryptsetup-initramfs/README.initramfs.gz and
/usr/share/doc/cryptsetup-run/README.* .  If that doesn't cover your
workflow then please visit the above links and file a wishlist bug :-)

Cheers,
--
Guilhem.
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux