LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Fedora
User Name
Password
Fedora This forum is for the discussion of the Fedora Project.

Notices

Reply
 
Search this Thread
Old 10-10-2011, 08:11 AM   #1
Yalla-One
Member
 
Registered: Oct 2004
Location: Norway
Distribution: Slackware, CentOS
Posts: 635

Rep: Reputation: 35
Skip mounting encrypted volume at boot


Hi,

I have one partition on my server running Fedora 15 that is encrypted. Whenever the server boots, it asks for the password in the boot process and does not proceed until this password has been entered.

I would like the system not to mount the encrypted volume at boot, but rather let me mount it manually when needed.

Trying to achieve this, I edited /etc/fstab for the volume in question to replace "defaults" with "noauto", but that did not make any difference.

The fstab is currently as follows:
Code:
#
# /etc/fstab
# Created by anaconda on Tue Oct  4 09:56:30 2011
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_majestix-lv_root /                       ext4    defaults        1 1
UUID=44fbda9a-0c4a-41df-add2-a24b46ea41c9 /boot                   ext4    defaults        1 2
/dev/mapper/luks-090c1edc-6056-4fa3-8ce1-ff3eb9623613 /export                 ext4    noauto        1 2
/dev/mapper/vg_majestix-lv_home /home                   ext4    defaults        1 2
/dev/mapper/vg_majestix-lv_swap swap                    swap    defaults        0 0
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
This causes the volume in question (/export) not to be mounted, but LUKS still asks for the encrypted password at boot, which tells me I need to edit something else elsewhere...

If anyone could kindly point me towards what/where to change in order for /export not to be mounted at boot, I would greatly appreciate it!

Last edited by Yalla-One; 10-10-2011 at 08:13 AM. Reason: Typo galore
 
Old 10-10-2011, 09:02 AM   #2
stormtracknole
Member
 
Registered: Aug 2005
Location: The Big Easy
Distribution: Slackware, RHEL
Posts: 817

Rep: Reputation: 106Reputation: 106
Have you tried commenting out that volume from /etc/fstab? Worth a try.
 
Old 10-10-2011, 09:40 AM   #3
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 1,511

Rep: Reputation: 626Reputation: 626Reputation: 626Reputation: 626Reputation: 626Reputation: 626
If you have no LUKS partitions that you do want mounted during boot, add this to the options passed to the kernel during boot:
Code:
rd_NO_LUKS
or the newer syntax
Code:
rd.luks=0
Kernel version 2.6.38 should accept either syntax. The old "rd_NO_LUKS" syntax is scheduled to become obsolete in kernel 2.6.39.

Further reading at https://fedoraproject.org/wiki/Dracu...ns#crypto_LUKS and http://dracut.git.sourceforge.net/gi...2469e2838839fe
 
Old 10-10-2011, 03:32 PM   #4
stormtracknole
Member
 
Registered: Aug 2005
Location: The Big Easy
Distribution: Slackware, RHEL
Posts: 817

Rep: Reputation: 106Reputation: 106
Quote:
Originally Posted by rknichols View Post
If you have no LUKS partitions that you do want mounted during boot, add this to the options passed to the kernel during boot:
Code:
rd_NO_LUKS
or the newer syntax
Code:
rd.luks=0
Kernel version 2.6.38 should accept either syntax. The old "rd_NO_LUKS" syntax is scheduled to become obsolete in kernel 2.6.39.

Further reading at https://fedoraproject.org/wiki/Dracu...ns#crypto_LUKS and http://dracut.git.sourceforge.net/gi...2469e2838839fe
Did you mean to write, if you DO have a LUKS partition and don't want it mounted? Either, thank you for the good info. I'll make a mental note about this.
 
Old 10-10-2011, 05:35 PM   #5
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 1,511

Rep: Reputation: 626Reputation: 626Reputation: 626Reputation: 626Reputation: 626Reputation: 626
I meant it the way I wrote it. I was considering the possibility that there might be other LUKS partitions that you set up in /etc/crypttab because you did want them mounted at boot time. Using rd_NO_LUKS would be the wrong thing to do in that case, but the references I cited do show how to mount only specified encrypted volumes, and ignore others, at boot time.
 
Old 10-10-2011, 10:31 PM   #6
stormtracknole
Member
 
Registered: Aug 2005
Location: The Big Easy
Distribution: Slackware, RHEL
Posts: 817

Rep: Reputation: 106Reputation: 106
Quote:
Originally Posted by rknichols View Post
I meant it the way I wrote it. I was considering the possibility that there might be other LUKS partitions that you set up in /etc/crypttab because you did want them mounted at boot time. Using rd_NO_LUKS would be the wrong thing to do in that case, but the references I cited do show how to mount only specified encrypted volumes, and ignore others, at boot time.
Gotcha, thanks for the explanation.
 
Old 10-11-2011, 01:37 AM   #7
Yalla-One
Member
 
Registered: Oct 2004
Location: Norway
Distribution: Slackware, CentOS
Posts: 635

Original Poster
Rep: Reputation: 35
OK, I found the complete solution.
I did not want to comment out the fstab entry completely in order to facility easy mounting later. Furthermore, I also did not want to make changes to the parameters passed to the kernel.
The solution turned out to be rather easy:
  1. Get rid of /etc/crypttab
  2. Add "noauto" to the encrypted volume in /etc/fstab
  3. To mount, type "cryptsetup luksOpen /dev/mapper/encrypted-device encrypted-luks
  4. To mount, type "mount /dev/mapper/encrypted-luks /mountpoint

By removing /etc/crypttab, the luks process is not run at boot-time, and adding "noauto" makes sure that the encrypted volume is not attempted to be mounted.

-y1
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to boot server with one dirty volume not mounting rjo98 Linux - Newbie 5 03-10-2011 04:51 PM
Mounting a Logical Volume at Boot - fedora 13 Skynet091 Linux - Newbie 6 07-09-2010 03:46 AM
mounting / rescue encrypted volume simonwil Ubuntu 2 11-02-2009 02:58 PM
Encrypted Volume Recovery seta37 Fedora 3 06-22-2009 04:14 PM
unrar x : broken volume parts. How to fix/skip them to unpack ? frenchn00b Linux - General 6 09-09-2008 12:25 PM


All times are GMT -5. The time now is 03:17 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration