Hi Patrick, Thanks a lot for providing very detailed information.
[...] > > Well, it would be a nice start to be able to specify a passphrase in the > disk_config. Shouldn't be that hard, I guess. > On implementation side its possible to feed the passphrase with the aid > of yes to cryptsetup, e.g. something like this: > Indeed, it was easy :-) - as of 4.0~beta2+experimental17 you should be able to use luks:"Your passphrase" / ... instead of just "luks" to get a device encrypted with the passphrase of your choice. The crypttab then has "none" for the keyfile name, which should make it ask you for a passphrase at bootup. Big fat WARNING: this is untested, but testing would be much appreciated :-) [...] > > It currently almost works. Fresh installed system now asks for the > passphrase, accepts it and unlocks the rootdev. Unfortunately the initrd > scripts don't seem to understand that it now has to re-initialize the > LVM volume groups so that the rootdev is actually available. > [...] If you figure out how to make things work, please share your insights. Maybe we can add some code to FAI to make it work out-of-the-box. Hope this helps, Michael
pgpH2epqRAGmS.pgp
Description: PGP signature
