LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Install Slackware with hard drive encryption (https://www.linuxquestions.org/questions/slackware-14/install-slackware-with-hard-drive-encryption-4175666857/)

slkw 01-01-2020 11:19 AM
Install Slackware with hard drive encryption
 
Hi folks,
I've got an extra PC that I can install Slackware onto, but I'd like to set up hard drive encryption (LUKS) before the installation so that the root filesystem is encrypted from the start, like what you see is possible with Debian.
Can anyone here suggest a strategy for accomplishing this?
Thanks.

cwizardone 01-01-2020 11:31 AM
Check here,

http://slackware.oregonstate.edu/sla...ADME_CRYPT.TXT

Didier Spaier 01-01-2020 11:42 AM
In addition, check there. As an aside, LUKS2 should be supported by GRUB soon, a patch set from Patrick Steinhardt is being reviewed for that, cf. its summary. For now it will allow the PBKDF2 key derival function only, hopefully Argon2i and/or Argon2id will follow suit.

As an aside, Daniel Kiper checks the patches very thoroughly, so expect no issue after this set will have been committed.

slkw 01-04-2020 07:13 PM
Quote:
Originally Posted by cwizardone (Post 6073196)
This is a pretty good primer on doing the encrypted root (which is my goal) however
I am seeing a problem when following their steps: The kernel never asks for a password
and it therefore never boots. I chose the "generic" kernel.

Alien Bob 01-05-2020 03:00 AM
Quote:
Originally Posted by slkw (Post 6074655)
This is a pretty good primer on doing the encrypted root (which is my goal) however
I am seeing a problem when following their steps: The kernel never asks for a password
and it therefore never boots. I chose the "generic" kernel.
The kernel does not unlock your LUKS encrypted volumes... when booting with a generic kernel plus an initrd, the 'init' script in the initrd unlocks your root filesystem: https://git.slackware.nl/current/tre...itrd/init#n191 and then afterwards, the rc.S script unlocks the rest: https://git.slackware.nl/current/tre...ripts/rc.S#n99

If you never get that password prompt, what is the exact "mkinitrd" command you used to generate your initrd?

slkw 01-05-2020 11:01 AM
Quote:
Originally Posted by Alien Bob (Post 6074761)
If you never get that password prompt, what is the exact "mkinitrd" command you used to generate your initrd?
I'm using the same as the OSU web page suggests, but modified for slackware64 current's kernel.

mkinitrd -c -k 4.4.14-smp -m ext4 -f ext4 -r lukssdx2 -C /dev/sdx2

UPDATE

I've gotten it to boot to the point that I can enter the password and unlock it. The key seems to have been to specify vmlinuz-generic as the kernel in lilo.conf.

However bizarrely whereas I specified my encrypted partition be named "rooty" the boot system wants to call it lukssda2 and therefore won't continue.

SOLUTION

I fixed it by
A) using the name they expected lukssda2.
B) specifying vmlinuz-generic in lilo.conf, leaving out the kernel version number.

Tonus 01-05-2020 01:03 PM
Install Slackware with hard drive encryption
 
Edit : Do not pay attention

wigums 01-06-2020 03:30 AM
https://slackwiki.com/LVM/Luks_Encryption


All times are GMT -5. The time now is 07:55 AM.