|
LVM and LUKS Question
I want to make sure that I've correctly configured my system to install Linux on a fully encrypted disk (minus /boot). I'm using LVM on LUKS - both of which I've got very little experience with. Here's what I did:
First, I created two partitions. Code:
/dev/sda1 (100mb. I'll use this for /boot)Code:
cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2Code:
cryptsetup luksOpen /dev/sda2 containerCode:
/dev/mapper/containerCode:
pvcreate /dev/mapper/containerCode:
mkfs.ext4 /dev/VolGroup00/rootCode:
swapon /dev/VolGroup00/swap |
It looks correct as far as I can tell, however when I set up a LUKS partition, I do it the opposite way. In other words I create the logical volume / use luksFormat to open that logical volume as a seperate device in /dev/mapper, and then format that with ext4 (or whatever).
The important difference is that creating a the encrypted volume on top of the logical volume allows me to initially set the pv properly to type 8e, though your method may allow more flexibility in resizing the volumes. (I've never tested your method though.) I've written a few blog entries on this topic (to include automounting LUKS) here: http://thehomelab.blogspot.com/ Edit: Both methods should work, see discussion here: https://bbs.archlinux.org/viewtopic.php?id=87897 |
Thanks for your advice and the links, Roger. Your blog is a helpful resource for someone new to LUKS such as myself.
|
| All times are GMT -5. The time now is 06:01 AM. |