6

Decrypt during boot using luks keyfile on usb drive

view full story
linux-howto

http://forums.fedoraforum.org – I have a machine with a brand new install of Fedora 11 with luks encryption. I've added a keyfile to luks and have put that keyfile on a usb stick. I'd like the machine to boot all the way in when it's powered on with the usb stick plugged in. I've searched for hours and haven't been able to find an easy solution to this... I think my brain is out of sync with google :p. If anyone could help me out I sure would appreciate it. From what I gather there's two paths I could take... boot entirely from usb or modify initrd to mount the usb drive and check for the key. I don't really mind which way to go... preferably the one that requires the least work :rolleyes: I've started down the road of modifying the init script in initrd... but I'm not real familiar with doing this and don't know how to setup a failsafe in case I screw up. Could someone help me out? edit: I should add... the root filesystem is encrypted. It's the default encrypted partitioning scheme... a small unencrypted /boot partition and then the luks encrypted partition that has LVM -> /root and /swap. (HowTos)