This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.
Please visit our production wiki at https://wiki.gentoo.org
User:Fog Watch/AES-encrypted root partition using LVM2
From Gentoo Wiki (test)
Jump to:navigation
Jump to:search
Gentoo will be installed on the following layers
- filesystem
- LVM2 logical volumes
- loop-AES encryption
- raid 1
- GPT disk partitions.
Approach
asdf
Work
For a livecd [www.sysresccd.org/ SystemRescueCd] is probably the best. Everything else appears not to include a patched losetup.
Boot the livecd.
root #passwdAnd then
user $ssh user@hostnameto complete the rest.
root #gdisk -l /dev/sdaGPT fdisk (gdisk) version 0.8.5 Partition table scan: MBR: protective BSD: not present APM: not present GPT: present Found valid GPT with protective MBR; using GPT. Disk /dev/sda: 390721968 sectors, 186.3 GiB Logical sector size: 512 bytes Disk identifier (GUID): E9C3E020-D7A3-4F58-9D5A-0CB44FF97A09 Partition table holds up to 128 entries First usable sector is 34, last usable sector is 390721934 Partitions will be aligned on 2048-sector boundaries Total free space is 2014 sectors (1007.0 KiB) Number Start (sector) End (sector) Size Code Name 1 2048 6143 2.0 MiB EF02 2 6144 1030143 500.0 MiB 8300 ISO 1 3 1030144 7321599 3.0 GiB 8300 ISO 3 4 7321600 8345599 500.0 MiB 8200 Swap 5 8345600 8386559 20.0 MiB FD00 md0 6 8386560 390721934 182.3 GiB FD00 md1
root #mdadm --create --verbose /dev/md0 --level=1 --raid-devices=2 /dev/sda5 missing
mdadm --create --verbose /dev/md1 --level=1 --raid-devices=2 /dev/sda6 missing
Put the other drive in later
root #losetup -e AES128 -G ./ -P mr-greedy_key /dev/loop1 /dev/md1
pvcreate /dev/loop1
vgcreate vg /dev/loop1
lvcreate -n root -L 10G vg
mkfs.ext4 /dev/vg/root
emerge =sys-fs/loop-aes-3.6e
emerge -av =dev-libs/dietlibc-0.30-r2
echo "app-crypt/gnupg static" >> /etc/portage/package.use
emerge app-crypt/gnupg
This is a deprecated template. Help us update this template!