Re: Encrypted LVM partitions

Author: Kenneth
Date:  
To: Main PLUG discussion list
Subject: Re: Encrypted LVM partitions
I don't have any experience with encrypted filesystems, but if some devices
are not set up, maybe that should be done in the initrd.
I know if you run a distro that uses udev and wants to run it from the
initrd, and you try to start up with a kernel without that initrd, you don't
get any device files at all, so it doesn't get very far.

--- Kurt Granroth wrote:

> Does anybody here have any experience with encrypted lvm partitions
> mounted at system startup? I'm running SUSE 10.1 (inside of VMware) and
> I want to have an entirely encrypted system where *every* partition is
> encrypted. I am most of the way there but can't seem to get to the next
> step.
>
> Here's what I have:
>
> /dev/sdb2 -> cryptsetup-luks -> /dev/mapper/root
> /dev/sda2 -> cryptsetup-luks -> /dev/mapper/swap
> /dev/mapper/system-home -> cryptsetup-luks -> /dev/mapper/home
> /dev/mapper/system-shared -> cryptsetup-luks -> /dev/mapper/shared
>
> I used the instructions on the OpenSUSE site to get the encrypted root
> and swap partitions to work using a modified 'mkinitrd'.
>
> http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO
>
> That part is working like a charm. When I boot, I am presented with an
> opportunity to enter my password. On doing so, it decrypts my root and
> swap partitions, mounts them, and continues.
>
> Once booted, I can map my LVM partitions to the cryptsetup ones
> (system-home to home and system-shared to shared). I can then mount the
> decrypted mappings (home and shared) to the proper directories and
> everything works great.
>
> The problem comes when I try to mount those LVM partitions during the
> boot process. When it comes time to mount them, I am presented with a
> password prompt... but no password works. I am nearly certain that it's
> because the /dev/mapper/system-{home|shared} LVM devices don't yet exist
> in the initrd process.
>
> But how? I'm missing some crucial step, it seems, in figuring out how
> to get this all to work.
>
> Any clues?
>
> Kurt
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


