How to use key file instead of password for LUKS encrypted file systems?
I've been using LUKS encryption on my home partition for years and always typed my password at boot. Now I have an extra hard disk with encryption and have to type two passwords. So I thought I would have a key file inside my home partition to automate decryption of the second HD. I ran these commands:
# dd if=/dev/random of=/home/luc/keyfile bs=256 count=1
# cryptsetup --key-file=/home/luc/keyfile luksAddKey /dev/sdb1
# cryptsetup luksAddKey /dev/sdc1 /home/luc/keyfile
I don't remember which of the two last lines worked, but cryptsetup accepted it and 'cryptsetup luksDump' confirms the new slot.
But I still have to type two passwords at boot. What am I doing wrong?