HomeHowto install Debian Linux onto a USB thumb drive with the root partition encrypted (using UUIDs, Initramfs-tools & Dm-Crypt)

Reply to comment

Thu, 10/11/2007 - 8:03am — Ravnos (not verified)

Just found out how to do

Just found out how to do this:
edit /etc/initramfs-tools/hooks/cryptroot to add the key file to the boot image:

  1. # Prepare the initramfs
  2. copy_exec /sbin/cryptsetup /sbin
  3. copy_exec /sbin/dmsetup /sbin
  4. copy_exec <path to my key file>/my.key /sbin
  5.  
  6. # Done
  7. exit 0

then edit /etc/initramfs-tools/scripts/local-top/cryptroot to use the key file instead of reading from console:

  1.                 else
  2.                         # $cryptcreate < /dev/console > /dev/console 2>&1
  3.                         $cryptcreate --key-file=/sbin/my.key
  4.                 fi

finally run this to recreate the image:

  1. update-initramfs -u

Done ! How could I improve it ? Reading a key file from inside the boot image isn't really smart :P

Reply

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>. Beside the tag style "<foo>" it is also possible to use "[foo]".

More information about formatting options