| View previous topic :: View next topic |
| Author |
Message |
389292
Guru
Joined: 26 Mar 2019
Posts: 504
|
 Posted: Wed Apr 10, 2019 5:50 pm Post subject: Detached LUKS headers on USB flash, bad idea? |
 |
|
I've read here that if you detach your LUKS header, you shouldn't really unmount that drive (with the header) after boot, is it true? Shouldn't it stay in memory while the drive is mounted? I don't plan to use hibernation or any kind of sleep function.
Last edited by 389292 on Wed Apr 10, 2019 10:06 pm; edited 1 time in total |
|
| Back to top |
|
 |
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Wed Apr 10, 2019 8:54 pm Post subject: |
|
|
| The cryptsetup package, as the name hints, is only really used to set up the in-kernel encryption stuff and load the keys/metadata used to make the container mountable. You can double-check this for yourself using tools like fuser(1) on the header device - it shouldn't show anything holding an open filehandle to the header. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23064
|
| Posted: Thu Apr 11, 2019 1:59 am Post subject: |
|
|
| That claim, with no supporting evidence that I can see, is the first I have heard of it being a problem. The same person goes on to say that you should not mix LUKS with LVM, again without a good description of why to avoid this. I generally see LUKS+LVM proposed as the preferred way to handle LUKS, since it minimizes the number of unique password prompts while still granting you multiple independent filesystems inside the container. Without a more precise description of what happened and why, I am not inclined to accept either of those claims. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
