Talk:LVM on LUKS: Difference between revisions
No edit summary |
m (→Optional: Overwrite LUKS Partition with Random Data: Forgot signature. Oops.) |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 7: | Line 7: | ||
The last two umount statements before the reboot require a newer version of umount than what comes in the standard Alpine download. I needed to add the package util-linux to get the correct version and although the page mentions the package in the early section about getting the boot device name it doesn't explicitly state to download it. | The last two umount statements before the reboot require a newer version of umount than what comes in the standard Alpine download. I needed to add the package util-linux to get the correct version and although the page mentions the package in the early section about getting the boot device name it doesn't explicitly state to download it. | ||
--[[User:Sadbadman|Sadbadman]] ([[User talk:Sadbadman|talk]]) 06:45, 2 February 2020 (UTC) | --[[User:Sadbadman|Sadbadman]] ([[User talk:Sadbadman|talk]]) 06:45, 2 February 2020 (UTC) | ||
---- | |||
I had difficulty with an encrypted /boot setup sda1=>efi, sda2=>crypt=>lvm(/root,/boot,swap). The instructions by default will result in using LUKS2 with Argon2. This is not actually supported by GRUB2 for an encrypted /boot setup (see Arch wiki article "GRUB", section "Encrypted_/boot" and GRUB bug 55093 - i can't post links yet). Until GRUB 2.06 is released and reaches alpine, users wanting encrypted /boot may need --type luks1 when running cryptsetup luksFormat. And once GRUB 2.06 does arrive, it may require using PBKDF2. Users will need to consult GRUB documentation when that time comes. --[[User:Stapleemptier|Stapleemptier]] ([[User talk:Stapleemptier|talk]]) 09:09, 16 February 2020 (UTC) | |||
I was able to confirm the above about --type luks1 today. That, plus adding "GRUB_ENABLE_CRYPTODISK=y" to /etc/default/grub, allowed this procedure to work with v3.11. I will update accordingly. --[[User:Stapleemptier|Stapleemptier]] ([[User talk:Stapleemptier|talk]]) 00:38, 17 February 2020 (UTC) | |||
== Optional: Overwrite LUKS Partition with Random Data == | |||
Is this section still accurate since since Kernel 5.6, or roughly Alpine Linux version 3.13? | |||
Doesn't /dev/random now do what is needed here without installing extra packages? | |||
[[User:Zcrayfish|zcrayfish]] ([[User talk:Zcrayfish|talk]]) 18:56, 17 December 2021 (UTC) | |||
Revision as of 18:56, 17 December 2021
Why was ,mode=1777 removed from /tmp? --Ncopa (talk) 07:12, 15 May 2014 (UTC)
Hello! While following the directions for installing grub (via grub-install) I found the package efibootmgr is longer available using apk. Help! --Mnemolyst (talk) 22:40, 07 Nov 2019 (UTC)
The last two umount statements before the reboot require a newer version of umount than what comes in the standard Alpine download. I needed to add the package util-linux to get the correct version and although the page mentions the package in the early section about getting the boot device name it doesn't explicitly state to download it. --Sadbadman (talk) 06:45, 2 February 2020 (UTC)
I had difficulty with an encrypted /boot setup sda1=>efi, sda2=>crypt=>lvm(/root,/boot,swap). The instructions by default will result in using LUKS2 with Argon2. This is not actually supported by GRUB2 for an encrypted /boot setup (see Arch wiki article "GRUB", section "Encrypted_/boot" and GRUB bug 55093 - i can't post links yet). Until GRUB 2.06 is released and reaches alpine, users wanting encrypted /boot may need --type luks1 when running cryptsetup luksFormat. And once GRUB 2.06 does arrive, it may require using PBKDF2. Users will need to consult GRUB documentation when that time comes. --Stapleemptier (talk) 09:09, 16 February 2020 (UTC)
I was able to confirm the above about --type luks1 today. That, plus adding "GRUB_ENABLE_CRYPTODISK=y" to /etc/default/grub, allowed this procedure to work with v3.11. I will update accordingly. --Stapleemptier (talk) 00:38, 17 February 2020 (UTC)
Optional: Overwrite LUKS Partition with Random Data
Is this section still accurate since since Kernel 5.6, or roughly Alpine Linux version 3.13? Doesn't /dev/random now do what is needed here without installing extra packages? zcrayfish (talk) 18:56, 17 December 2021 (UTC)