
dm-crypt and boot process


I've been very happy that the Etch installer supports dm-crypt out of the 
box.  This is a wonderfully nice feature.

Here's my gripe: it gets in the way of unattended boots.  Let's say that you 
have /home as a separate encrypted filesystem on a given machine.  You want 
the machine to be able to boot even if you aren't there -- say because the 
power goes out or something.  But you have a passphrase for /home.

You could set it up with a timeout in crypttab, but here's the rub...  when 
you do that, and the timeout expires, the boot process halts.  You have to 
sit at the console and give the root password, then /etc/init.d/cryptdisks 
start, then proceed.

In a case like this, it seems desirable to have the boot process not be 
interrupted.  If the machine boots without /home, I could at least ssh into 
it as root and fix that problem.

As far as I can tell, there is no way in the installer to indicate this 
preference, and no way in fstab to specify that a failure to find the crypt 
device for a given filesystem should just be ignored, leaving that 
filesystem unmounted.

So I haven't submitted a bug anywhere because I don't know where to do so, or 
if perhaps new code needs to be written to accommodate this scenario.  Does 
anyone know?


-- John
