[dm-crypt] Encrypt all partitions with dm-crypt

Heinz Diehl htd at fancy-poultry.org
Wed Aug 22 17:52:47 CEST 2012

On 22.08.2012, Stayvoid wrote: 

> > you need to map and mount it manually.
> I've never tried this before. Could you be more specific?

First, you have to unlock your encrypted partition, e.g.

 cryptsetup luksOpen /dev/sdX home

> I understand how to use "mount." What I don't understand is how to
> enter the system when my home is encrypted. I guess that I won't be
> able to login. Is this correct?

You don't need the /home partition to boot your machine
properly. Unless your distribution has some tools which handle the
login/open/mount-procedure for you, you are not able to boot into
runlevel 5 directly. You could boot into rl1, open your encrypted
/home, mount it on /home

 mount /dev/mapper/home /home

and boot into rl5 afterwards (init 5).

> Could you also tell me what I should have in fstab?

That's impossible without more information on your partitions.
Unless you are targeting to do all the stuff yourself, I would
recommend using a dsitribution which handles the crypto-stuff for you,
e.g. Archlinux, Fedora, Opensuse, Debian, Ubuntu... whatever.

There's full support in at least Arch and Fedora.

More information about the dm-crypt mailing list