Re: [opensuse] Re: Full disk encryption with RAID+LVM+LUKS on openSUSE 13.2?

30 Mar 2015

      Chris Murphy wrote:
...
On Fri, Mar 27, 2015 at 4:48 PM, Bjoern Voigt  wrote:
...
Yes, /boot must be unencrypted. But unfortunately in openSUSE "/"
can't be encrypted without LVM even if there is a separate /boot
partition. I already discussed this issue with developers here some
time ago. It's probably something, which should be done sometime.
But I also don't know a distribution which can handle full-disk
encryption without LVM. I don't know an existing feature request for
this.
Fedora does.
Thank you. I tried RAID-5 with 3 disks, unencrypted /boot partition
and a standard (non-LVM) encrypted root-partition with Fedora 21. It
works fine. Since Fedora also uses Systemd and Dracut (like
openSUSE), it shouldn't be so hard to adapt the mechanisms.
I found several feature requests for encrypted non-LVM root
partitions in openSUSE. Until now, there are not much votes for the
feature requests. Please vote, if you like this feature:

Ability to create encrypted partitions without using LVM
https://features.opensuse.org/314850

Encryption - Installer needs more information and options
https://features.opensuse.org/310279
...
...
Now I have done this slightly different. I configured
Host-Raid/Fake-RAID on one server. I can manage the RAID with
"dmraid" and the BIOS. openSUSE 13.2 handled this without problems
during installation. On top of the Fake-RAID I partitioned the RAID
device like a single hard disk.
dmraid? Are you sure? If this is Intel firmware RAID, the dmraid
support is deprecated. It's all been moved to md/mdadm these days.
Otherwise, it sounds fine.
Thank you. I found a lot of outdated information regarding Fake-RAID.
Greetings,
Björn

-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org