Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all, I recently encrypted two of my computers. I installed Fedora 11 on the first one and let the installer set up my disk encryption. At the time, I had / mounted on one drive and /home on another. Both had the same luks passphrase and when I booted my system, I was only asked to enter the passphrase once and both drives were unlocked. I've since deleted that passphrase and added another one. They are still both the same but now when I boot up, I am asked to enter the passphrase twice. Is there a way to set it so I only have to enter the passphrase once?
On the second computer, I installed Ubuntu and I let the installer take care of the disk encryption also. Same set up with it, / on one partition and /home on another; same passphrase. However, I've always had to enter the passphrase twice during boot on that one.
Anyway, if there is a way to set up a global passphrase for luks drives, any help or a point in the direction towards just that would be great. Thanks!
Looking at the cryptsetup man page, appears there's an option for --verify-passphrase which causes luks to ask twice. Not sure if that's the issue exactly. Perhaps Ubuntu has this as default, and you changed the option on fedora?
My guess is that in your initial setup, you had an encrypted LVM group and the partitions were members of it. Either way, it might have been interesting to see /etc/crypttab.
My guess is that in your initial setup, you had an encrypted LVM group and the partitions were members of it. Either way, it might have been interesting to see /etc/crypttab.
Meson, I honestly don't know what I did to make it ask me for my password only once. I just let the installer (Anaconda I believe) take care of it. My knowledge of luks is very limited.
Here is my crypttab...
Code:
# Swap
swap UUID=9c452442-2ccc-4655-ac2d-f097e15c4f2a /dev/urandom cipher=aes-cbc-essiv:sha256,size256,hash=256,swap
# /
luks-3bbe8b56-723e-4b19-83b1-d106c84beff5 UUID=3bbe8b56-723e-4b19-83b1-d106c84beff5 none
# Home
home UUID=5e36ae69-cd3a-4daa-8ba8-690f7a570862 none
# Main Backup
#Main_Backup UUID=5e36ae69-cd3a-4daa-8ba8-690f7a570862 none
# Fedora Backup
Fedora_Backup UUID=1eca149a-db55-4df0-bd58-7505acc6c4f9 none
rm -rf *, looking at the cryptsetup man page I believe that --verify-passphrase simple asks for the passphrase twice when preforming commands on encrypted drives to ensure one has entered the correct passphrase. Thank you for your insight however.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.