Re: Problem with systemd and cryptsetup - how to solve it the systemd way?
On 12/10/2015 05:38 AM, Anders Andersson wrote:
I am trying to set up an encrypted btrfs system on a Debian Jessie
...
root@jessie:~# cryptsetup luksFormat /dev/sdb1
root@jessie:~# cryptsetup luksOpen /dev/sdb1 crypt
root@jessie:~# dd if=/dev/zero of=/dev/mapper/crypt
root@jessie:~# cryptsetup luksClose crypt
...
Then I add this to /etc/crypttab:
---- /etc/crypttab ---
# <target name> <source device> <key file> <options>
crypt /dev/sdb1 none luks,noauto
---- /etc/crypttab ---
When I want a LUKS data partition to be mounted at boot, I create a LUKS
key:
# dd if=/dev/random of=/root/.luks-keyfile bs=1 count=32
# chmod 0400 /root/.luks-keyfile
Add the key to the LUKS partition:
# cryptsetup luksAddKey /dev/sdb1 /root/.luks-keyfile
(Note: it is preferable to use /dev/disk/by-id/* paths for disk
administration commands rather than /dev/sd* paths, as the letter
assignments can and do get re-arranged on reboot.)
Add an entry to /etc/crypttab:
sdb1_crypt /dev/sdb1 /root/.luks-keyfile luks
Create a mount point:
# mkdir /var/luks/sdb1_data
Add an entry to /etc/fstab:
/dev/mapper/sdb1_crypt /var/luks/sdb1_data auto defaults,nofail 0 2
Reboot, verify, and/or troubleshoot.
David
Reply to: