The git repo behind my blog.

decrypt-multiple-luks-containers-at-boot-on-arch.html 7.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. <!DOCTYPE html>
  2. <html lang="en">
  3. <head>
  4. <link href='https://phyks.me/theme/stylesheet/fonts.css' rel='stylesheet' type='text/css'>
  5. <link rel="stylesheet" type="text/css" href="https://phyks.me/theme/stylesheet/style.min.css">
  6. <link rel="stylesheet" type="text/css" href="https://phyks.me/theme/pygments/monokai.min.css">
  7. <link rel="stylesheet" type="text/css" href="https://phyks.me/theme/font-awesome/css/font-awesome.min.css">
  8. <link href="https://phyks.me/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Phyks' blog Atom">
  9. <link rel="shortcut icon" href="/images/favicon.ico" type="image/x-icon">
  10. <link rel="icon" href="/images/favicon.ico" type="image/x-icon">
  11. <meta charset="utf-8" />
  12. <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  13. <meta name="HandheldFriendly" content="True" />
  14. <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  15. <meta name="robots" content="index, follow" />
  16. <!-- Chrome, Firefox OS and Opera -->
  17. <meta name="theme-color" content="#333">
  18. <!-- Windows Phone -->
  19. <meta name="msapplication-navbutton-color" content="#333">
  20. <!-- iOS Safari -->
  21. <meta name="apple-mobile-web-app-capable" content="yes">
  22. <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
  23. <!-- Microsoft EDGE -->
  24. <meta name="msapplication-TileColor" content="#333">
  25. <meta name="author" content="Phyks" />
  26. <meta name="description" content="I installed Arch on my laptop with a LVM on LUKS setup. But I’ve two disks on my laptop (so this means at least two LUKS container) and my LVM install extended over the two disks. So, I needed to unlock two devices at boot to be able to …" />
  27. <meta name="keywords" content="">
  28. <meta property="og:site_name" content="Phyks' blog"/>
  29. <meta property="og:title" content="Decrypt multiple LUKS containers at boot on Arch"/>
  30. <meta property="og:description" content="I installed Arch on my laptop with a LVM on LUKS setup. But I’ve two disks on my laptop (so this means at least two LUKS container) and my LVM install extended over the two disks. So, I needed to unlock two devices at boot to be able to …"/>
  31. <meta property="og:locale" content="en_US.UTF-8"/>
  32. <meta property="og:url" content="https://phyks.me/2013/11/decrypt-multiple-luks-containers-at-boot-on-arch.html"/>
  33. <meta property="og:type" content="article"/>
  34. <meta property="article:published_time" content="2013-11-17 08:00:00+01:00"/>
  35. <meta property="article:modified_time" content=""/>
  36. <meta property="article:author" content="https://phyks.me/author/phyks.html">
  37. <meta property="article:section" content="ConfigPorn"/>
  38. <meta property="og:image" content="/images/profile.png">
  39. <title>Phyks' blog &ndash; Decrypt multiple LUKS containers at boot on Arch</title>
  40. </head>
  41. <body>
  42. <aside>
  43. <div>
  44. <a href="https://phyks.me">
  45. <img src="/images/profile.png" alt="Phyks" title="Phyks">
  46. </a>
  47. <h1><a href="https://phyks.me">Phyks</a></h1>
  48. <p>I write about dev, FOSS, DIY and more, in French and English.</p>
  49. <ul class="social">
  50. <li><a class="sc-rss" href="feeds/all.atom.xml" target="_blank"><i class="fa fa-rss"></i></a></li>
  51. <li><a class="sc-envelope-o" href="mailto:phyks+blog@phyks.me" target="_blank"><i class="fa fa-envelope-o"></i></a></li>
  52. <li><a class="sc-github" href="http://github.com/phyks/" target="_blank"><i class="fa fa-github"></i></a></li>
  53. <li><a class="sc-gitlab" href="https://git.phyks.me/phyks" target="_blank"><i class="fa fa-gitlab"></i></a></li>
  54. </ul>
  55. </div>
  56. </aside>
  57. <main>
  58. <nav>
  59. <a href="https://phyks.me">Home</a>
  60. <a href="https://links.phyks.me">Bookmarks</a>
  61. <a href="/pages/hosted-tools.html">Tools</a>
  62. <a href="/archives.html">Archives</a>
  63. <a href="/pages/memo-autohebergement.html">Autohébergement</a>
  64. <a href="https://phyks.me/feeds/all.atom.xml">Atom</a>
  65. </nav>
  66. <article class="single">
  67. <header>
  68. <h1 id="decrypt-multiple-luks-containers-at-boot-on-arch">Decrypt multiple <span class="caps">LUKS</span> containers at boot on&nbsp;Arch</h1>
  69. <p>
  70. Posted on November 17, 2013 in <a href="https://phyks.me/category/configporn.html">ConfigPorn</a>
  71. &#8226; 1 min read
  72. </p>
  73. </header>
  74. <div>
  75. <p>I installed Arch on my laptop with a <span class="caps">LVM</span> on <span class="caps">LUKS</span> setup. But I&#8217;ve two
  76. disks on my laptop (so this means at least two <span class="caps">LUKS</span> container) and my
  77. <span class="caps">LVM</span> install extended over the two disks. So, I needed to unlock two
  78. devices at boot to be able to mount my system (which is something the
  79. default encrypt hook doesn&#8217;t support in Arch). Here&#8217;s a way to proceed
  80. in order to achieve unlocking of multiple encrypted devices (presented
  81. with 2 devices, but can be used for&nbsp;more).</p>
  82. <p>First, you need to install the necessary stuff to use cryptsetup and set
  83. the encrypt hook to be load (in mkinitcpio.conf) as described in <a href="https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS#.2Fetc.2Fmkinitcpio.conf">Arch
  84. wiki</a>.</p>
  85. <p>Then, copy the file /usr/lib/initcpio/hooks/encrypt to
  86. /usr/lib/initcpio/hooks/encrypt2. Edit this last file and change any
  87. occurrence of cryptdevice and cryptkey by cryptdevice2 and cryptkey2.
  88. Also change the&nbsp;line</p>
  89. <div class="highlight"><pre><span></span>mkdir /ckey
  90. </pre></div>
  91. <p>by</p>
  92. <div class="highlight"><pre><span></span><span class="k">if</span> <span class="o">[</span> -d /ckey <span class="o">]</span><span class="p">;</span> <span class="k">then</span>
  93. mkdir /ckey
  94. <span class="k">fi</span>
  95. </pre></div>
  96. <p>in order to avoid the display of a warning on boot. Load this encrypt2
  97. hook in your&nbsp;mkinitcpio.conf.</p>
  98. <p>Finally, edit your command line parameters (in Grub for example), adding
  99. the required cryptdevice, cryptkey (for first device) and cryptdevice2,
  100. cryptkey2 (for second&nbsp;device).</p>
  101. <p>This is the best solution I&#8217;ve found so far, but it requires to manually
  102. update the second hook when updates are available (cryptsetup package,
  103. not all updates concern encrypt hook). Another solution was provided by
  104. the package cryptsetup-multi but this one is now obsolete and this setup
  105. is the one that works best for&nbsp;me.</p>
  106. </div>
  107. <div class="tag-cloud">
  108. <p>
  109. </p>
  110. </div>
  111. <div class="addthis_relatedposts_inline">
  112. </article>
  113. <footer>
  114. <p>
  115. &copy; 2017 - This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/">Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License</a>
  116. </p>
  117. <p>Powered by <a href="http://getpelican.com" target="_blank">Pelican</a> - <a href="https://github.com/alexandrevicenzi/flex" target="_blank">Flex</a> theme by <a href="http://alexandrevicenzi.com" target="_blank">Alexandre Vicenzi</a></p><p>
  118. <a rel="license"
  119. href="http://creativecommons.org/licenses/by-nc-sa/4.0/"
  120. target="_blank">
  121. <img alt="Creative Commons License"
  122. title="Creative Commons License"
  123. style="border-width:0"
  124. src="https://phyks.me/theme/img/cc/by-nc-sa.png"
  125. width="80"
  126. height="15"/>
  127. </a>
  128. </p> </footer>
  129. </main>
  130. <script type="application/ld+json">
  131. {
  132. "@context" : "http://schema.org",
  133. "@type" : "Blog",
  134. "name": " Phyks' blog ",
  135. "url" : "https://phyks.me",
  136. "image": "/images/profile.png",
  137. "description": "I write about dev, FOSS, DIY and more, in French and English."
  138. }
  139. </script>
  140. </body>
  141. </html>