[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

dm-crypt questions

(1)  initrd and dm-crypt of root partition using luks

 I am trying to plan to set up my laptop with root dm-crypted.  Is the initrd 
that comes with each kernel upgrade going to have the dm-crypt modules - 
either coz they are there or coz the image is generated by the kernel rpm? Or 
will I need to remake the initrd.img after each kernel update?

 I assume somehow I will need to make a new img at least once - does mkinitrd 
check all modules currently loaded or do I need to explicitly list the 
dm-crypt modules I need 
via --with=sha256 --with=aes --with=blkcipher --with=dm-crypt --with=dm_mod 

(2)  I'm thinking I need an unencrypted /boot, encrypted / and 
encrypted /home. For /home since / is protected I could put one password 
directly into the /etc/crypttab. I will make sure crypttab is only root 
readable.  Seem reasonable?

(3) Might be something to think about for F8 too. Also I didn't yet find a 
good howto specifically for F7 - some very nice stuff on www.saout.de and 
also good ubuntu stuff for feisty.

(4) Does anyone know offhand if the kde live cd includes cryptsetup-luks and 
gparted ? luks-tools? I think the only way to proceed from here is to boot a 
live cd and run cryptsetup from there, fix up grub etc aftewards ...

(5) Obviously for a laptop on the road this is pretty important - so  Anyone 
else doing this and can you offer any guidance?



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]