Mailinglist Archive: opensuse (2532 mails)

< Previous Next >
Re: [opensuse] decrypting LUKS partitions without passphrase
  • From: PaulFransen <send.me@xxxxxxxxx>
  • Date: Mon, 12 May 2008 09:37:14 +0200
  • Message-id: <200805120937.15007.send.me@xxxxxxxxx>
On Saturday 03 May 2008 10:56:53 Daniel Bauer wrote:
On Saturday 03 May 2008 10.36:38, PaulFransen wrote:
Hi all,

I have my root, swap and home partitions encrypted with LUKS as described
in http://en.opensuse.org/Encrypted_Root_File_System
and it works great on openSUSE 10.3.

When I fire up my computer, I have to enter three passphrases to decrypt
the three partitions. This is of course unavoidable for the root
partition but it should be possible to use keys stored on this partition
to decrypt the swap and home partitions and thus to avoid entering two
more passphrases.

I tried to accomplish this for the swap partition by
dd if=/dev/random of=/etc/keys/swap.key bs=1 count=256
cryptsetup luksAddKey /dev/sda6 /etc/keys/swap.key
and then putting the follwing line in /etc/crypttab:
swap /dev/sda6 /etc/keys/swap.key luks
but at boot time, the systems keeps asking for three passphrases.

Am I overlooking something?

Regards,

Paul.

I had the same problem. Here's how I achieved the desired:

http://lists.opensuse.org/opensuse/2008-04/msg02199.html

regards

Daniel


Hi Daniel,

I followed your description and it worked very well. For my company's
documentation, I had to write a HOWTO which I am enclosing here.

Best regards,

Paul.
< Previous Next >
Follow Ups