-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Encrypted Filesystems #10
Labels
Comments
Comment by mdhorn Reference external Pull Request |
mdhorn
added a commit
to mdhorn/clr-installer
that referenced
this issue
Nov 20, 2018
Fixes clearlinux#10 Enable encrypted partitions for all but /boot. A single passphrase is used for all partitions which enable encryption expect swap, which currently uses a random password each boot. NOTE: If we need to support a large swap for laptop suspend/restore, we should change from a random passphrase to the same known passphrase. /etc/crypttab will attempt to use either the disk label or the UUID to identify the disk instead of the physical disk name. Swap partition would normally loose its UUID or Label each boot due to dm-crypt and mkswap overwriting the connect. To maintain identification of the partition, we use a trick from here: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption of creating a small (1M) ext2 partition with label at the beginning of the swap partition, then use an offset in the /etc/crypttab to prevent overwriting this information. Signed-off-by: Mark D Horn <mark.d.horn@intel.com>
mdhorn
added a commit
to mdhorn/clr-installer
that referenced
this issue
Nov 20, 2018
Fixes clearlinux#10 Enable encrypted partitions for all but /boot. A single passphrase is used for all partitions which enable encryption expect swap, which currently uses a random password each boot. NOTE: If we need to support a large swap for laptop suspend/restore, we should change from a random passphrase to the same known passphrase. /etc/crypttab will attempt to use either the disk label or the UUID to identify the disk instead of the physical disk name. Swap partition would normally loose its UUID or Label each boot due to dm-crypt and mkswap overwriting the connect. To maintain identification of the partition, we use a trick from here: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption of creating a small (1M) ext2 partition with label at the beginning of the swap partition, then use an offset in the /etc/crypttab to prevent overwriting this information. Signed-off-by: Mark D Horn <mark.d.horn@intel.com>
mdhorn
added a commit
to mdhorn/clr-installer
that referenced
this issue
Nov 26, 2018
Fixes clearlinux#10 Enable encrypted partitions for all but /boot. A single passphrase is used for all partitions which enable encryption expect swap, which currently uses a random password each boot. NOTE: If we need to support a large swap for laptop suspend/restore, we should change from a random passphrase to the same known passphrase. /etc/crypttab will attempt to use either the disk label or the UUID to identify the disk instead of the physical disk name. Swap partition would normally loose its UUID or Label each boot due to dm-crypt and mkswap overwriting the connect. To maintain identification of the partition, we use a trick from here: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption of creating a small (1M) ext2 partition with label at the beginning of the swap partition, then use an offset in the /etc/crypttab to prevent overwriting this information. Signed-off-by: Mark D Horn <mark.d.horn@intel.com>
mdhorn
added a commit
to mdhorn/clr-installer
that referenced
this issue
Nov 27, 2018
Fixes clearlinux#10 Enable encrypted partitions for all but /boot. A single passphrase is used for all partitions which enable encryption expect swap, which currently uses a random password each boot. NOTE: If we need to support a large swap for laptop suspend/restore, we should change from a random passphrase to the same known passphrase. /etc/crypttab will attempt to use either the disk label or the UUID to identify the disk instead of the physical disk name. Swap partition would normally loose its UUID or Label each boot due to dm-crypt and mkswap overwriting the connect. To maintain identification of the partition, we use a trick from here: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption of creating a small (1M) ext2 partition with label at the beginning of the swap partition, then use an offset in the /etc/crypttab to prevent overwriting this information. Signed-off-by: Mark D Horn <mark.d.horn@intel.com>
mdhorn
added a commit
to mdhorn/clr-installer
that referenced
this issue
Nov 29, 2018
Fixes clearlinux#10 Enable encrypted partitions for all but /boot. A single passphrase is used for all partitions which enable encryption expect swap, which currently uses a random password each boot. NOTE: If we need to support a large swap for laptop suspend/restore, we should change from a random passphrase to the same known passphrase. /etc/crypttab will attempt to use either the disk label or the UUID to identify the disk instead of the physical disk name. Swap partition would normally loose its UUID or Label each boot due to dm-crypt and mkswap overwriting the connect. To maintain identification of the partition, we use a trick from here: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption of creating a small (1M) ext2 partition with label at the beginning of the swap partition, then use an offset in the /etc/crypttab to prevent overwriting this information. Signed-off-by: Mark D Horn <mark.d.horn@intel.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue by mdhorn
Friday Mar 02, 2018 at 22:19 GMT
The text was updated successfully, but these errors were encountered: