[arch-general] can't unlock a luks encrypted partition. (urgent).
Heiko Baums
lists at baums-on-web.de
Fri Oct 9 19:56:03 EDT 2009
Am Sat, 10 Oct 2009 02:35:06 +0300
schrieb Roman Kyrylych <roman.kyrylych at gmail.com>:
> I have 4 encrypted partitions besides root and don't have this
> problem, but I have real passwords instead of ASK in /etc/crypttab
> (otherwise I would be very lazy to enter them 5 times instead of
> one :-P)
It would probably be a bit more secure to write a keyfile onto a USB
stick either as a file or with dd and apply one of those patches
to /etc/rc.sysinit:
http://bugs.archlinux.org/task/11648
http://bugs.archlinux.org/task/15016
And if you add one of these lines to your kernel line in grub's menu.lst
then you don't need to enter one single passphrase. Just plugin the USB
stick before and unplug it after booting. ;-)
cryptdevice=/dev/sdaX:root root=/dev/mapper/root
cryptkey=/dev/usbkey/KEYFILE
cryptdevice=/dev/sdaX:root root=/dev/mapper/root
cryptkey=/dev/usbkey:OFFSET:SIZE
Heiko
More information about the arch-general
mailing list