Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Full Disk Encryption WITHOUT Initramfs or Grub
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22730

PostPosted: Wed Aug 03, 2022 1:08 pm    Post subject: Reply with quote

The partition containing a LUKS volume will have a PARTUUID. The block device exposed after LUKS is unlocked will not have a PARTUUID, but does not need one, because part of unlocking the LUKS device is picking the /dev/mapper name under which the decrypted device will appear. Therefore, you can control and predict that name, independent of the hardware, so you can use PARTUUID to refer to the partition containing the LUKS header+encrypted data, and use a name like /dev/mapper/my-chosen-name to refer to the decrypted LUKS device.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 20496

PostPosted: Wed Aug 03, 2022 7:16 pm    Post subject: Reply with quote

X4DE wrote:
pietinger wrote:
X4DE wrote:
how can I specify the device for **dm-mod.create** with uuids instead of /dev/<block_name> ?

AFAIK this is not possible because it accepts only major/minor number or /dev/xxxx (I am not sure about this). But if you want try, then try with PARTUUID and NOT with UUID (they are different).


PARTUUIDs are only for partitions, sadly didn't worked for identifynig the luks partition
If you know the UUID, you might be able to identify the device associated with that UUID:
findmnt -no SOURCE /dev/disk/by-uuid/<UUID-separated-by-hyphnes>
_________________
Quis separabit? Quo animo?
Back to top
View user's profile Send private message
dsreyes1014
n00b
n00b


Joined: 19 Oct 2015
Posts: 23

PostPosted: Tue Nov 15, 2022 4:08 pm    Post subject: Reply with quote

I'm a bit confused. Are we just using dm-mod.create="..." to input the plaincrypt key in the efistub? I just could not get this to work and not too sure how to debug any issues.
Back to top
View user's profile Send private message
pietinger
Moderator
Moderator


Joined: 17 Oct 2006
Posts: 5162
Location: Bavaria

PostPosted: Tue Nov 15, 2022 4:36 pm    Post subject: Reply with quote

dsreyes1014 wrote:
I'm a bit confused. Are we just using dm-mod.create="..." to input the plaincrypt key in the efistub?

Yes.

This parameter is read by a kernel module (so it is not a kernel parm; it is a kernel module parm ;-) ) and configures it at kernel startup time; you COULD do the same configuration later with an init-script IF you want to decrypt another partition than root ... ;-)

dsreyes1014 wrote:
I just could not get this to work and not too sure how to debug any issues.

As I wrote in my previous post I dont recommend this solution, but if you want to try, maybe a step-by-step installation could help. Try to make an efi-stub-kernel and do an UEFI boot. If this works, make a bootable USB stick (without encryption) and check if this works (boot from there). Now try to encrypt a (empty) test partition with dmcrypt. Then try again all steps described here.

Maybe my (german) article how to encrypt a home partition with dmcrypt can help to understand dmcrypt ?
https://forums.gentoo.org/viewtopic-p-8457358.html#8457358
Back to top
View user's profile Send private message
dsreyes1014
n00b
n00b


Joined: 19 Oct 2015
Posts: 23

PostPosted: Tue Nov 15, 2022 4:44 pm    Post subject: Reply with quote

pietinger wrote:
This parameter is read by a kernel module (so it is not a kernel parm; it is a kernel module parm ;-) ) and configures it at kernel startup time; you COULD do the same configuration later with an init-script IF you want to decrypt another partition than root ... ;-)

So should I make it a dm-mod.create= a module instead of builtin to the kernel? I have builtin at the moment

EDIT: Nevermind it only allows as builtin to the kernel. Dumb question sorry.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum