keyctl_keyscript icon indicating copy to clipboard operation
keyctl_keyscript copied to clipboard

Published 20 hours ago verified publisher icon gebi

add info about initramfs

Open karlkashofer opened this issue 4 years ago • 1 comments

Hi !

I implemented decrypt_keyctl on my debian server with encrypted root and several other encrypted disks. I am asked for the passphrase in the initramfs, but as its not mounting the other disks while in initrd, i get asked for the passphrase again after booting commences.

This can be avoided by asking to decrypt all disks while in initramfs, by adding "initramfs" to the crypttab parameters:

md1_crypt UUID=xx cryptvols: luks,keyscript=decrypt_keyctl,initramfs raid6 UUID=xx cryptvols luks,keyscript=decrypt_keyctl,initramfs scratch UUID=xx cryptvols luks,keyscript=decrypt_keyctl,initramfs

Then all disks are opened with the cached passphrase while in initramfs.

Could you add this info to readme.md ?

karlkashofer avatar Dec 28 '20 13:12 karlkashofer

Hi @karlkashofer

thx for the heads up :), i've not used this in a long time, can you please submit a pull request with your changes? thx!

btw... what else would be nice to make the integration easier? any annoyances you hit?

gebi avatar Dec 29 '20 14:12 gebi