[dm-crypt] Open a LUKS container storing the operating system, with a header file in another location

Arno Wagner arno at wagner.name
Sun Feb 4 17:46:55 CET 2018


On Sun, Feb 04, 2018 at 14:32:03 CET, 21naown at gmail.com wrote:
[...]
> I have an unencrypted boot partition with GRUB. My final goal is to have
> this partition in a USB key, in the same partition or in another one than
> the one where the header file will be stored, obviously unencrypted.
> 
> I assume crypttab is embedded in initrd when I do “update-initramfs -u”,
> because, among the errors I got, it showed me just after selecting the OS to
> launch in GRUB “LUKS header “/boot/headerFile” missing”, which is the path I
> put in crypttab.

The Cryptsetup FAQ gives you more info about how to mount a 
LUKS volume from the initrd in Section 9:

  https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions

I recommend you do away with crypttab, at least for the moment,
and do a direct setup as described there. That will at least give
you a better understanding of how things work.

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list