[dm-crypt] Newbie questions: how to configure and mount an encrypted partition on bootup?

David Li w.david.li at gmail.com
Mon Mar 19 04:33:43 CET 2012


      Hi,
        I am totally new to dm-crypt. My OS is RHEL5/6.

        Here is what I want to do:
        I have a system that is pxebooted and the root fs is nfs mounted
from
another server.  But I have a local disk that can be used as an encrypted
storage perhaps for user data.  In the beginning it's blank with no
partitions.

        So the first time I would let the user to decide how to partition
and
set up LUKS.  From that point on each subsequent boot would automatically
mount the encrypted partitions as configured.

        I am looking for general programmable way  to achieve this. Maybe
someone has done the exact thing before.

        Specifically,
      1.      On first boot, how should I modify the initramfs to prompt
the
user to set up LUKS? Or initramfs is not the way, what else?

        2.      On each subsequent boot, how would I let dm-crypt to
automatically retrieve the passphrase once the user logins into the system.
Assume that the passphrase has been stored on the same server to store the
root fs. I don't want to force him to type in the LUKS passphrase again to
unlock the partitions.
        Thanks.
        David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20120318/3223fd5f/attachment.html>


More information about the dm-crypt mailing list