[dm-crypt] Decrypt a volume without user intervention

Marco Cavallini cavallini.koan at gmail.com
Wed Aug 23 10:32:06 CEST 2017


2017-08-22 17:09 GMT+02:00 Carlos E. R. <robin.listas at telefonica.net>:

>
> I'm not a guru, but I do that easily.
>
> /etc/crypttab:
>
> cr_home     /dev/disk/by-id/something-part5 none       none
> cr_two      /dev/disk/by-uuid/someuuid     /home/cer/Keys/the_two_keyfile    auto
>
> /etc/fstab:
>
> /dev/mapper/cr_home  /home        xfs     lazytime,,nofail                0 2
> /dev/mapper/cr_two   /data/two    xfs     user,lazytime,exec,nofail       1 3
>
> "/data/two" is mounted automatically without asking for the passphrase, after home is mounted.
> You should not have the key file available on a non-encrypted mount, of course. Or not one that is always available on the computer, or the thieves will open your files.
>


Hi Carlos,
thank you for answering.
With your procedure "/data/two" is mounted automatically because the
passphrase is in /home but is expected to enter a passphrase to
decrypt /home ?

Cheers,
--
Marco


More information about the dm-crypt mailing list