|
Source: HowTo Forge - Posted by Eckie Silapaswang
|
I am assuming that you already know how to set up an encrypted file system using cryptsetup with luks (or something else). There are several howtos. I am also assuming that you are familiar with LVM2.
This tutorial deals only with how to add an extra encrypted physical volume to a volume group pool containing other encrypted physical volumes. This is typical scenario if, at first, you have set up your encryption at a physical partition level (/dev/sdaX where X is the a number of your partition), then you setup your LVM on top of the encrypted partition. If at some later time you want to add another partition in your volume group, you will also want to have it encrypted in order to maintain the same level of security. In order for your machine to boot, initramfs needs to be able to unlock both PVs in order to reconstruct the entire volume group where your root lv is lying.
For those of you familiar with LVM2 and looking to securely encrypt data on your logical volumes, this article provides a great step-by-step tutorial on how to do so. This implementation requires passwords to be typed for each volume - maybe you can let us know how this would be done with a keyfile?
Read this full article at HowTo Forge
Powered by AkoComment! |
