This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.
Please visit our production wiki at https://wiki.gentoo.org
Talk:Full Disk Encryption From Scratch Simplified
This is a talk page. Please add newer comments below older ones, and sign your comments using four tildes (
~~~~).
When adding a new section (at the bottom of the page), please mark it as "open for discussion" by using {{talk|open}} so it will show up in the list of open discussions.Swap partition
The article does not consider the creation of the swap partition. --Mimosinnet 06:59, 3 March 2018 (UTC)
I never used encryption for swap, so I can't add information how to do it. Maybe, someone from community can add such info. P.S. For laptop - suspend to RAM are pretty enough, for desktop - same. If I haven't enough RAM to do something (compilation of libreoffice) -> then temporary swap file on encrypted partition are enought. -- Feniksa 18:00, 4 March 2018 (UTC)
I have found that this article covers the encrypted swap and hibernation
https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide/Preparing_the_LUKS-LVM_Filesystem_and_Boot_USB_Key
-- citizenkepler 17:24, 3 October 2018 (UTC)
cryptsetup command
The article suggests the command:
root@localhost #cryptsetup luksFormat -c aes-cbc-essiv:sha256 -s /dev/sdX3
The key size in bits should follow the -s flag. Therefore, the previous command does not work. What about:
root@localhost #cryptsetup -s 512 luksFormat /dev/sdX3
--Mimosinnet 08:45, 15 March 2018 (UTC)
grub needs device-mapper support
As far as I know grub needs to be compiled with the device-mapper USE flag in order to support lvm. This should be mentioned somewhere.
root@localhost #echo "sys-boot/grub:2 device-mapper" >> /etc/portage/package.use/sys-boot
--weidenba 8:15, 2nd September 2018 (UTC)