Hello, I am using full-disk encryption with detached LUKS header. The LUKS header file itself is stored on an initrd image which I boot from USB, and then I decrypt the cryptsetup partition on my disk and chroot into it. The initrd system that I boot is very minimal, around 8MB in size. The LUKS image, being 2MB, is making the initrd image needlessly bigger. And the new LUKS2 format seems to use even larger header (10MB ?) >From what I understand, the keyslots themselves only use up 4KB of space, and the rest is used for "antiforensic stripes". This is probably a good idea when LUKS header is stored on disk together with the cryptsetup partition. But when using detached header, which is never stored on disk, this makes less sense Thus my question: is it possible, somehow, to reduce the size of the LUKS header to absolute minimum (4KB ?), when I don't need the antiforensic stripes ? thank you, _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
