[dm-crypt] Open a LUKS container storing the operating system, with a header file in another location
arno at wagner.name
Sun Feb 4 17:46:55 CET 2018
On Sun, Feb 04, 2018 at 14:32:03 CET, 21naown at gmail.com wrote:
> I have an unencrypted boot partition with GRUB. My final goal is to have
> this partition in a USB key, in the same partition or in another one than
> the one where the header file will be stored, obviously unencrypted.
> I assume crypttab is embedded in initrd when I do “update-initramfs -u”,
> because, among the errors I got, it showed me just after selecting the OS to
> launch in GRUB “LUKS header “/boot/headerFile” missing”, which is the path I
> put in crypttab.
The Cryptsetup FAQ gives you more info about how to mount a
LUKS volume from the initrd in Section 9:
I recommend you do away with crypttab, at least for the moment,
and do a direct setup as described there. That will at least give
you a better understanding of how things work.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt