Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [luks]

LUKS (Linux Unified Key Setup) is a disk-encryption specification. It is the standard for Linux hard disk encryption.

LUKS (Linux Unified Key Setup) is a disk-encryption specification. It is the standard for Linux hard disk encryption. LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly.

Website: http://code.google.com/p/cryptsetup/

Wikipedia: http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup

157 questions
0
votes
3 answers

Very poor performance on LUKS/LVM/RAID combination under Debian Squeeze

I have the following issue: I have an encrypted partition on a lvm on a plain partition on the hd. Now I craeted a RAID array to increase the performance. That means, that I have the following stack: HD(s) -- partition(s) -- RAID -- LVM --…
Christian Wolf
  • 308
  • 3
  • 9
0
votes
1 answer

Recover Crypt password on Partition - RHEL 6

I'm new around here and I'm not sure if this is the right place to post. I was recently asked to bring in a used server from another site of ours. On booting, I found that it has been encrypted using LUKS. No one (either at our Head Office or the…
rahuL
  • 692
  • 3
  • 12
  • 31
0
votes
1 answer

Move an LXC container to a dm-crypt/LUKS filesystem

I need to move a container to a different filesystem, specifically a subdir of an already mounted LUKS/dm-crypt home dir. I tried moving it there and then bind mounting or symlinking it to /var/lib/lxc/foo but when I do lxc-start -n foo just exits…
Ross Patterson
  • 149
  • 2
  • 8
0
votes
1 answer

Restoring data from a failed and possibly partly overwritten mdadm raid1

I have a failing hard disk (let's call it sda) which contains, among other things, a 1.5 TB partition (let's call it sda3). There is another disk (sdb), which has a 1.5 TB partition (sdb1) as well. Both used to be part of an mdadm level 1 RAID using…
Adrian Heine
  • 328
  • 4
  • 22
0
votes
1 answer

LUKS with LVM, mount is not persistent after reboot

I have created a Logical vol and used luks to encrypt it. But while rebooting the server. I get a error message (below), therefore I would have to enter the root pass and disable the /etc/fstab entry. So mount of the LUKS partition is not persistent…
linxsaga
  • 41
  • 1
  • 5
0
votes
4 answers

What RAID Level Should Be Used

I am working on a server build project for work and have inherited the following items that I need to figure out the best way to handle and configure. 2 of these: I/O Crest SY-PEX40008 PCI-e SATA II Host Controller Card 8 or 9 of these: Hitachi…
John
  • 2,276
  • 7
  • 44
  • 60
0
votes
1 answer

Adding a disk to an encrypted LVM under Debian 6

I installed a Debian 6 with the "use LVM and encrypt" option. Now I would like to add a second disk and also encrypt it. This is what I did so far: pvcreate /dev/sdb vgextend [vgname] /dev/sdb lvcreate -n [lvname] -l 100%FREE [vgname] luksformat -t…
Tie-fighter
  • 751
  • 2
  • 9
  • 17
0
votes
0 answers

LUKS encrypted, fails to open with /etc/crypttab

#platform=x86, AMD64, or Intel EM64T #version=DEVEL text url --url=http://caching-proxy/repos/rhel8/8.5/rhn/base/unstable repo --name=cache-rhn-base --baseurl=http://caching-proxy/repos/rhel8/8.5/rhn/base/unstable --install repo…
Bennelong Ryde
  • 1
  • 1
0
votes
0 answers

Bootprocess stops after detaching raid member

I run following Setup in my Testlabor before migrating into production: Dm-crypt/luks Raid1 / btrfs EFI dracut / fedora Server GRUB2 Systemd I simulated a drive failure (the one without boot partition) The boot process stops with: Waiting for Job of…
marcelfoss
  • 1
  • 1
0
votes
1 answer

How do you enforce a custom password policy on LUKS FDE (Ubuntu 22)?

I need to enforce a strong custom password policy for LUKS FDE on Ubuntu 22. I have successfully enforced it on the user account level by modifying /etc/pam.d/common-password. But the restrictions in this file do not get applied when changing a LUKS…
fastraul
  • 1
  • 1
0
votes
0 answers

Mounting an encrypted fs WITH prompt at boot time (LUKS, cryptsetup)

Per company policy my laptop has to be very secure in case of theft, so I have created an encrypted partition (LUKS) that I want to mount via /etc/fstab. However, I do NOT want to add passphrase to the volume or use a key file (e.g. per Auto mount…
LetMeSOThat4U
  • 1,371
  • 2
  • 17
  • 35
0
votes
1 answer

Full disk encryption on CentOS 9 Stream with TPM2 decryption at boot time

I'm working on provisioning a server that requires full drive encryption and I want to automate the process of decrypting the drive at startup using the TPM2 module available on the motherboard, but I can't quite get the system to do so. I have a…
Thomas Gonnot
  • 1
0
votes
1 answer

Rocky 9.1 dracut fails to boot

My rocky 9.1 vm kernel is not able to load/boot/decrypt a LVM Luks2 volume during boot. Booting with 5.14.0-162.6 works fine. But fails booting the latest 5.14.0-162.18 or 5.14.0-162.12 kernel, dracut throws with error: Starting dracut pre-udev…
sherwood
  • 1
  • 1
0
votes
1 answer

LUKS Encryption

I recently cloned my 250GB disk, installed with Fedora37, encrypted with LUKS. Currently approx. 20 GB disk space is used, the rest is free. I went ahead and booted from a fedora-live-usb and cloned the disk with dd to an external drive, plus, ive…
user21220455
  • 3
  • 1
0
votes
0 answers

Does centos Stream (8 or 9) support crypttab keyscript?

I have had setting up network unlock for my Centos based hypervisor for several years, and I finally set the time aside to try it a second time and am running into a road block. I do not want to ssh to a dropbear initramfs, I want this to be…
ACiD GRiM
  • 123
  • 1
  • 7
1 2 3
10 11