[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Using a block-device as key material for encrypted root on F10?

I've used the encryption available in anaconda to encrypt my laptop
drive, and I'm wondering if it is possible to use a block device (like
an MMC or USB thumb-drive) as key material for the encrypted partition
and what the steps would be for making sure the initrd and Plymouth?
have the info to start correctly.

I've been using LUKS encrypted disks for a while now and I'm pretty
familiar with using cryptsetup, and I've generated new initrd's for
small changes (like disk controller order).

What I have at the moment is an MMC device (shows up as /dev/mmcblk0)
with two partitions, the first one is only one cylinder (522240 bytes in
this case) in case it is an exhaustive read like what some of the
cryptsetup man page says (crypttab man page does say you can specify the
key size, so that's good).

Do I need to change anything else other than change /etc/crypttab with
the key source and generate an new initrd with the mmc modules included?
Any way to have the password input also as a fall-back?  I would really
like to not have to attempt a rescue with an encrypted disk if I can
avoid it... :)

Thanks for any suggestions!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]