Re: [dm-crypt] type one password, get many

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ross Boylan <ross@biostat.ucsf.edu>
To: Jonas Meurer <jonas@freesources.org>
Cc: dm-crypt@saout.de, ross@biostat.ucsf.edu
Subject: Re: [dm-crypt] type one password, get many
Date: Sun, 16 Aug 2009 14:08:29 -0700	[thread overview]
Message-ID: <1250456909.10115.23.camel@corn.betterworld.us> (raw)
In-Reply-To: <20090816194400.GB5548@resivo.wgnet.de>

On Sun, 2009-08-16 at 21:44 +0200, Jonas Meurer wrote:
> neither crypt keys nor passwords are stored in the initramfs. you
> don't
> even need cryptsetup magic in the initramfs for encrypted non-root
> partitions. the only partition that needs to be decrypted within the
> initramfs is the root partition.
If I have a LUKS encrypted root partition, will things just work?
I.e., when the initrd pivots, will I get a request for the passphrase of
the root partition and then it will proceed to boot as normal (and read
keys from /etc/cryptab to mount the other partitions)?

If I need to do more, some pointers would be great.

It would be LUKS on top of LVM on top of software RAID.

I believe to convert my to encrypted I'd need to make a new LVM volume,
create an encrypted device on top of it, and copy.  Is there an easier
way?

Thanks.
Ross

next prev parent reply	other threads:[~2009-08-16 21:08 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-08-14 17:19 [dm-crypt] type one password, get many Ross Boylan
2009-08-14 19:09 ` Ross Boylan
2009-08-14 20:41   ` Ross Boylan
2009-08-16 19:44   ` Jonas Meurer
2009-08-16 21:08     ` Ross Boylan [this message]
2009-08-16 23:14       ` Moji
2009-08-17 14:42       ` Jonas Meurer
2009-08-15 11:39 ` Moji

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1250456909.10115.23.camel@corn.betterworld.us \
    --to=ross@biostat.ucsf.edu \
    --cc=dm-crypt@saout.de \
    --cc=jonas@freesources.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.