I don't have any experience with encrypted filesystems, but if some devices
are not set up, maybe that should be done in the initrd.
I know if you run a distro that uses udev and wants to run it from the
initrd, and you try to start up with a kernel without that initrd, you don't
get any device files at all, so it doesn't get very far.

--- Kurt Granroth <plug-discuss@granroth.org> wrote:

> Does anybody here have any experience with encrypted lvm partitions
> mounted at system startup?  I'm running SUSE 10.1 (inside of VMware) and
> I want to have an entirely encrypted system where *every* partition is
> encrypted.  I am most of the way there but can't seem to get to the next
> step.
> 
> Here's what I have:
> 
> /dev/sdb2 -> cryptsetup-luks -> /dev/mapper/root
> /dev/sda2 -> cryptsetup-luks -> /dev/mapper/swap
> /dev/mapper/system-home -> cryptsetup-luks -> /dev/mapper/home
> /dev/mapper/system-shared -> cryptsetup-luks -> /dev/mapper/shared
> 
> I used the instructions on the OpenSUSE site to get the encrypted root
> and swap partitions to work using a modified 'mkinitrd'.
> 
> http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO
> 
> That part is working like a charm.  When I boot, I am presented with an
> opportunity to enter my password.  On doing so, it decrypts my root and
> swap partitions, mounts them, and continues.
> 
> Once booted, I can map my LVM partitions to the cryptsetup ones
> (system-home to home and system-shared to shared).  I can then mount the
>  decrypted mappings (home and shared) to the proper directories and
> everything works great.
> 
> The problem comes when I try to mount those LVM partitions during the
> boot process.  When it comes time to mount them, I am presented with a
> password prompt... but no password works.  I am nearly certain that it's
> because the /dev/mapper/system-{home|shared} LVM devices don't yet exist
> in the initrd process.
> 
> But how?  I'm missing some crucial step, it seems, in figuring out how
> to get this all to work.
> 
> Any clues?
> 
> Kurt
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss