Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [luks]

LUKS (Linux Unified Key Setup) is a disk-encryption specification. It is the standard for Linux hard disk encryption.

LUKS (Linux Unified Key Setup) is a disk-encryption specification. It is the standard for Linux hard disk encryption. LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly.

Website: http://code.google.com/p/cryptsetup/

Wikipedia: http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup

157 questions
1
vote
4 answers

How can I cause systemd to wait starting a unit until a certain condition is fullfilled

I'm still struggling to understand boot sequence dependency configuration in systemd unit files. I've read the manual (systemd.unit). I tried to add dependencies using the After= and Requires= lines to my unit configuration file. However it still…
pefu
  • 679
  • 1
  • 6
  • 24
1
vote
2 answers

Is VPS Disk Encryption pointless?

It's relatively straight-forward to create an encrypted storage volume (e.g. Like so: https://www.digitalocean.com/community/tutorials/how-to-create-an-encrypted-file-system-on-a-digitalocean-block-storage-volume .) However, since the filesystem is…
Glenn
  • 35
  • 2
  • 7
1
vote
0 answers

Recover encrypted LVM

I had Debian install running on LUKS encrypted LVM. This morning, I wanted to install OS on external disk to be used on another host, but mistakenly I chose the wrong disk... Few seconds in I noticed that I have chosen the wrong one, so right away I…
jctest
  • 11
  • 1
1
vote
1 answer

Samba and luks encrypted disk together: Huge performance loss despite plenty of CPU resources, LUKS and samba alone works as expected

Setup: SSD encrypted with luks aes-xts 512 bits (256 bits AES key), ext4 filesystem dd write performance of 138 MB/s, CPU usage 97-100 % dd if=/dev/zero of=testfile status=progress bs=32M count=128 4294967296 bytes (4,3 GB, 4,0 GiB) copied, 31 s,…
Hannes
  • 307
  • 2
  • 12
1
vote
1 answer

LUKS encryption for mounted disk - how to decrypt cinder volume

I have a question about the possible decryption of LUKS volume. I'm testing currently barbican+cinder, but I'm just wondering if there is a way, to somehow decrypt my LUKS volume with payload generated by a barbican. Is there any procedure for that?…
Jan Wasilewski
  • 11
  • 1
1
vote
1 answer

Cryptsetup and partitions

I have the following Centos 7 system that I inherited. Here's the disk setup: # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 931.5G 0 disk ├─sda1 8:1 0 200M 0 part /boot/efi ├─sda2 8:2 0 …
Dr. Luveno
  • 11
  • 1
1
vote
1 answer

HDD bad sector marking through LUKS2 layer (dm-crypt) + ZFS

If having 2x LUKS-encrypted HDDs with a ZFS mirror pool on top of the dm-crypt mapper devices: what happens if one of my HDDs encounters an error and the OS recognizes a sector as bad ? Will this bad sector information be passed to the…
Vortex
  • 13
  • 3
1
vote
2 answers

How do I know a LUKS header is corrupt?

My computer froze for a long time and I pressed the reset button. After reboot, all FIVE luks-encrypted (LUKS 1) file systems will no longer open. The message I get is "No key available with this passphrase." I am sure I am using the right password.…
JLMathis
  • 11
  • 3
1
vote
2 answers

Is there a good way to shrink disk usage of sparse file containing luks-encrypted btrfs file system image?

I've created a sparse file filesystem.img, formatted in with cryptsetup luksFormat, created a btrfs filesystem on it. The image file disk usage expanding fine while adding files to the btrfs filesystem. However deleting a file on it of course do not…
Nick
  • 126
  • 5
1
vote
2 answers

Failed to find logical volume "group/swap"

The error occurs on a LVM/LUKS Debian VPS. I deleted the swap volume and grew the root volume using the following: swapoff /dev/group/swap lvremove group/swap lvresize -rl +100%FREE /dev/group/root Now, when I boot, I get the following error…
sunknudsen
  • 701
  • 3
  • 14
  • 28
0
votes
0 answers

Adding drive to extend root file system when using LVM on LUKS

I have an 18.04 ubuntu based system using their LVM on top of LUKS setup on one drive, and I want to add an additional drive /dev/sdb to extend root (i.e. /). VG name lubuntu-vg, LV name root, LV Path /dev/lubuntu-vg/root I am able to do this as…
Jan Nell
  • 1
  • 3
0
votes
1 answer

CentOS+LUKS: Unlock Multiple Disks @Boot with One Password Prompt

In Debian, I am able to unlock multiple disks at bootup with only one prompt, using decrypt_keyctl and the initramfs switch in /etc/crypttab. I am wondering how to do this in CentOS-7? A plain vanilla install of Nethserver with two luks devices has…
Diagon
  • 246
  • 1
  • 11
0
votes
2 answers

How can I fingerprint a disk to check if it has been tampered with?

An example is cold storage of backups that include an operating system with LUKS disk encryption. How can I know the disk hasn’t been tampered with before entering the LUKS passphrase? I am looking for something similar to openssl dgst -sha256…
sunknudsen
  • 701
  • 3
  • 14
  • 28
0
votes
0 answers

guestmount a kvm domain with an encrypted partition

I have a VM running under KVM hypervisor on a CentOS 7.3 server that was created with a LUKS-encrypted root partition. There are two partitions in the VM: /dev/sda1 is the boot partition and is unencrypted and /dev/sda2 is the encrypted partition…
sizzzzlerz
  • 123
  • 4
0
votes
1 answer

Logical Volume Resize fails with insufficient free space but PV and VG has free PE

So i would like to extend a logical volume but i run into some error. The lvextend function tells me it cannot allocate space because there is no free space on the pv, but there is. Something i am missing here? sudo lvextend -L 80G…
Raros
  • 11
  • 1
  • 3
1 2 3
10 11