Newbie questions: how to configure and mount an encrypted partition on bootup?
I am totally new to dm-crypt. My OS is RHEL5/6.
Here is what I want to do:
I have a system that is pxebooted and the root fs is nfs mounted from
another server. But I have a local disk that can be used as an encrypted
storage perhaps for user data. In the beginning it's blank with no partitions.
So the first time I would let the user to decide how to partition and
set up LUKS. From that point on each subsequent boot would automatically mount the encrypted partitions as configured.
I am looking for general programmable way to achieve this. Maybe
someone has done the exact thing before.
1. On first boot, how should I modify the initramfs to prompt the
user to set up LUKS? Or initramfs is not the way, what else?
2. On each subsequent boot, how would I let dm-crypt to
automatically retrieve the passphrase once the user logins into the system. Assume that the passphrase has been stored on the same server to store the root fs. I don't want to force him to type in the LUKS passphrase again to unlock the partitions.
dm-crypt mailing list