Decrypt Ubuntu Root with Key-file on USB
Sebastian
PrivateSeaBass at pm.me
Fri Feb 5 08:18:05 MST 2021
Is anyone familiar with how to boot Ubuntu, and make grub use the key-file on the USB that is plugged into it?
I'm trying to not need to type in the password on the device when it boots, but still have an encrypted root partition.
If not, how do people keep drives encrypted in production environments when using Ubuntu? (Could answer this as well, "if so", since this is just my guess for what production environments use)
(because this is what online searches bring)
I do not mean:
Boot from an encrypted USB.
Decrypt and mount an encrypted volume at boot AFTER typing in the decryption password for root once already.
Encrypt boot partition as well as root.
Everything I found online was one of the above three things, or is Arch and doesn't apply to Ubuntu.
I thought "eh, just do it the same way as Arch in boot parameters, as they both use grub, right?", but that didn't work...
(cryptkey=devID:filesystem:fileLocation cryptdevice=devID:decrypt_root root=/dev/mapper/decrypt_root => update-grub)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20210205/16c88ded/attachment.html>
More information about the PLUG-discuss
mailing list