LinuxQuestions.org

LinuxQuestions.org (http://www.linuxquestions.org/questions/index.php)
-   Suse/Novell (http://www.linuxquestions.org/questions/forumdisplay.php?f=60)
-   -   Encrypted root with LUKS on LVM and RAID-1: How? (http://www.linuxquestions.org/questions/showthread.php?t=719399)

gargamel 04-15-2009 04:21 PM

Encrypted root with LUKS on LVM and RAID-1: How?
 
Dear all,

OpenSuSE 11.1 is by far the best SuSE version in a long time. It's generally up to competition or ahead of it. It's admirable, how thoughtful this system is set up, and how clean and fast it is compared to its predecessors. It ssems, that SuSE is fighting its way back to where they came from before the Novell "merger."

Having said that, it is even harder to understand, IMHO, why the installer doesn't support encrypted root partitions. Of course, there is a manual solution:

http://en.opensuse.org/Encrypted_Roo...ith_SUSE_HOWTO

However, this HOW-TO doesn't explain how to combine LUKS encryption with LVM on a RAID-1 system, as described for Slackware 12.2 here:

http://www.iverbi.de/slackware/RAID1...2_2_Howto.html
http://www.iverbi.de/slackware/RAID1...12_2_Howto.pdf

Is there a similar guide anywhere available for OpenSuSE 11.1?
I'd appreciate, if you could point me there, then.

If not: Would it be possible to do all the low-level setup work, like partitioning, setting up the logical volumes and encrypting everything, with Slackware, following the document above, and then install OpenSuSE 11.1 on that system? Would that work???

Thanks,

gargamel

gargamel 04-17-2009 12:33 PM

Maybe my original post is simply a bit too long, although my question is certainly not trivial. But I try to put it simpler and shorter:

How can I set up a fully encrypted OpenSUSE 11.1 install on a software RAID-1 system with two hard discs using LVM?

In other words: What are the exact steps for formatting, partitioning, setting up RAID-1, encrypting and creating and activation logical volumes using a combination of software RAID-1, LVM and LUKS?

Thanks for your help!

gargamel

gargamel 04-20-2009 02:59 PM

Nobody done this before? Really?
Well, then maybe someone can answer me the following question.

Would it work, if I would to the basic setup, ie formatting, setting up RAID-1 and LVM and LUKS encryption with Slackware 12.2 32-bits and then install OpenSuSE? Would the installer recognize the encrypted volumes on the software RAID-1?

Thanks!!!

gargamel

ichrispa 08-04-2009 03:57 PM

ok, I guess this out of date but I'll answer anyway.

the process of creating an encrypted root fs is essentially the same whether you use raid or not. when you create the new initrd, include the futures "lvm dm luks raid". This should suffice to get it running.

ichrispa 08-04-2009 03:58 PM

btw, if you are still working on this, I can go into more details. no point writing two pages for a project that has been given up.

gargamel 03-20-2010 04:30 PM

Yeah, I had given up on this with SuSE 11.1. But I'd give OpenSUSE 11.2 a try, I only I knew, how.

What I would do is described here:
RAID1_LVM_LUKS_Slackware12_2_Howto.html

Has anyone done this with OpenSUSE 11.2? How?

I set up a machine following this How-To, and would use the created partitioning and LV scheme for OpenSUSE 11.2. But somehow, YaST on the one hand correctly displays, which devices and partitions are under LVM control, and which ones are encrypted, but then fails to ask me for the LUKS passphrase. Also, it doesn not allow me to encrypt my RAID-1 array. In only allows me to encrypt an LV or a volume group.

Or do I get something wrong, here?
Thanks in advance!

gargamel


All times are GMT -5. The time now is 09:25 PM.