[dm-crypt] Using a keyfile with full disk encryption
me at tkerby.uk
Tue Oct 4 10:08:07 CEST 2016
I've enabled full disk encryption on a recent server install of Ubuntu (using the checkbox in the installer). This is there mainly for security when disks are replaced
Unfortunately, we've had a few power failures and the requirement to enter the passphrase for LUKS at the physical terminal is an issue.
I'd be happy to keep a keyfile on a USB key or SD card as I could mount these internal to the server which is physically secured
Is there a method to ensure the USB key is mounted prior to the password prompt and adding the keyfile as an additional method at startup?
More information about the dm-crypt