Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
home dirs using dmcrypt luks with keyfile [solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
renee77
n00b
n00b


Joined: 21 Jun 2016
Posts: 12
Location: Tilburg

PostPosted: Wed Jul 20, 2016 9:05 pm    Post subject: home dirs using dmcrypt luks with keyfile [solved] Reply with quote

Hello all,

I've installed Gentoo succesfully, encrypted with lvm2, following most of https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide. I am running plasma 5.5 desktop. I installed all on my ssd, having a serparate boot usb, root partition, swap and home partition. (also mounted tmpfs size=8G at /tmp having other 8G for system)

Now I am playing around with cryptsetup. I would like to encrypt my hdd-disk (/dev/sdb) and using lvm2 on /dev/sdb1 (encrypted) to create Documents Media and Pictures to mount in my home directory. I dont succeed in decrypting during boot.

1. I have created a random key-file and stored in in /etc/.keyfile (dd bs=512 count=4 if=/dev/urandom of=/etc/.keyfile iflag=fullblock)
2. Made file read-only (chmod 0400 /etc/.keyfile)
3. Encrypted /dev/sdb1 (cryptsetup luksFormat /dev/sdb1 /etc/.keyfile)

I can decrypt /dev/sdb1 by issuing (cryptsetup open --type luks /dev/sdb1 home -d /etc/.keyfile)

And created pv /dev/mapper/home, vg as vg2, and 3 lv's. filesystem ext4. I can manualy mount those lv's in /home/renee/Documents(Media,Pictures) and use them.
1. vgchange available y vg2
2. recorded partition's in fstab and issued mount -a

For /etc/crypttab I followed http://linux.die.net/man/5/crypttab:
/dev/mapper/home /dev/sdb1 /etc/.keyfile luks

I used many variations as
home UUID=xxxxxxxxxxxx /etc/.keyfile luks,noearly

But this home partition is becoming available during boot, what am I missing? I doesnt seem to decrypt during boot. becaus commenting partitions in fstab and uncomment them after reboot followed with a mount -a shows partition /dev/sdb1 is still encrypted, I can manualy issue cryptsetup open and after that have to vgchange available y and mount them.
I've tried to consult many sources online but seem to miss some key knowledge to make this work

Kind regards, Eva (aka renee)


Last edited by renee77 on Thu Jul 21, 2016 5:41 am; edited 1 time in total
Back to top
View user's profile Send private message
likewhoa
l33t
l33t


Joined: 04 Oct 2006
Posts: 777
Location: Brooklyn, New York

PostPosted: Thu Jul 21, 2016 3:24 am    Post subject: Reply with quote

take a look at /etc/conf.d/dmcrypt
Back to top
View user's profile Send private message
renee77
n00b
n00b


Joined: 21 Jun 2016
Posts: 12
Location: Tilburg

PostPosted: Thu Jul 21, 2016 5:40 am    Post subject: home dirs using dmcrypt luks with keyfile is woking! Reply with quote

likewhoa wrote:
take a look at /etc/conf.d/dmcrypt


Hello Likewhoa,

Thank you for your suggestion, by that one I changed /etc/conf.d/dmcrypt, still didnt work but then remembered to look @ init.d aka rc-update -v. Because the root system was also encrypted I forgot to enable dmcrypt @ sysinit. Root starts through initramfs different approach. It took a few minutes to let the system start the way I intended it. Thank you for pointing me in the right direction. changing /etc/conf.d/dmcrypt and adding dmcrypt to sysinit makes all work like a charm :D

Thank you! Kind regards, Eva
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum