Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 05-13-2014, 01:45 PM   #1
Registered: Oct 2012
Distribution: Slackware 14.0 86x
Posts: 43

Rep: Reputation: Disabled
Unlocking LUKS with keyfile on USB

I have formatted USB stick to fat
mkfs.fat -N USBKEY /dev/sdX1
made keyfile and moved it into USB stick, created initrd accordingly
#echo password > /mnt/USBKEY/keys/key.luks
#cryptsetup luksAddKey /dev/sdXY /mny/USBKEY/keys/key.luks
#mkinitrd -c -k 3.2.29-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L -K LABEL=USBKEY:/keys/key.luks
Problem is that I am prompted for password during boot, I have tried to insert USB stick right after booting process starts and obviously having it inserted during whole boot/reboot process.
Old 05-16-2014, 03:04 PM   #2
Senior Member
Registered: Jan 2008
Distribution: Arch/Manjaro, might try Slackware again
Posts: 1,851
Blog Entries: 14

Rep: Reputation: 284Reputation: 284Reputation: 284
Maybe your usb drive isn't being recognized

My mkinitrd is
 mkinitrd -c -k 3.13.2 -f ext4 -r /dev/cryptvg/root -m usb-storage:xhci-hcd:usbhid:hid_generic:mbcache:jbd2:ext4:ext2:vfat:hid:usbhid -C /dev/sda3 -L -u -o /boot/initrd-3.13.2.gz -K UUID=XXXX-XXXX:/keyfile
Note that I use the UUID rather than LABEL to avoid different mount points, either should work. The keyfile is in the root of the USB stick.

For you that'd be
 mkinitrd -c -k 3.2.29-smp -f ext3 -r /dev/cryptvg/root -m usb-storage:xhci:hcd:usbhid:hid_generic:mbcache:ext3:vfat:hid:usbhid -C /dev/sda2 -L -u LABEL=USBKEY:/keys/key.luks
Note the modules included in the initrd for usb, usbstorage and vfat. You might not need all of those other modules.

Also, I'm not sure your path to the keyfile is correct. Had you mounted your stick into /mny? If your stick is in at boot time, I expect /keys to be in the root of the USB drive.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
unlocking encrypted root with keyfile on sdcard/mmc possible? saivinoba Slackware 1 12-20-2013 05:45 PM
[SOLVED] Can't unlock LUKS volume with a keyfile during boot natharran Slackware 3 02-27-2013 02:00 PM
What's best practise to GPG single large file with keyfile on USB stick? FireRaven Linux - Security 9 01-17-2012 04:33 PM
LXer: How to set up an auto-mounted keyfile based luks partition for your home direct LXer Syndicated Linux News 0 02-13-2009 06:50 AM
LXer: Automatically Unlock LUKS Encrypted Drives With A Keyfile LXer Syndicated Linux News 0 07-09-2008 03:40 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:36 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration