Talk:LVM on LUKS
The last two umount statements before the reboot require a newer version of umount than what comes in the standard Alpine download. I needed to add the package util-linux to get the correct version and although the page mentions the package in the early section about getting the boot device name it doesn't explicitly state to download it. --Sadbadman (talk) 06:45, 2 February 2020 (UTC)
I had difficulty with an encrypted /boot setup sda1=>efi, sda2=>crypt=>lvm(/root,/boot,swap). The instructions by default will result in using LUKS2 with Argon2. This is not actually supported by GRUB2 for an encrypted /boot setup (see Arch wiki article "GRUB", section "Encrypted_/boot" and GRUB bug 55093 - i can't post links yet). Until GRUB 2.06 is released and reaches alpine, users wanting encrypted /boot may need --type luks1 when running cryptsetup luksFormat. And once GRUB 2.06 does arrive, it may require using PBKDF2. Users will need to consult GRUB documentation when that time comes. --Stapleemptier (talk) 09:09, 16 February 2020 (UTC)
I was able to confirm the above about --type luks1 today. That, plus adding "GRUB_ENABLE_CRYPTODISK=y" to /etc/default/grub, allowed this procedure to work with v3.11. I will update accordingly. --Stapleemptier (talk) 00:38, 17 February 2020 (UTC)
Optional: Overwrite LUKS Partition with Random Data
Is this section still accurate since since Kernel 5.6, or roughly Alpine Linux version 3.13? Doesn't /dev/random now do what is needed here without installing extra packages?