A dynamically growing .img-file is mounted to my user's home directory. Its file system is btrfs and it's encrypted via LUKS.
Keyslot 0: A file created by
dd if=/dev/urandom of=<some file> bs=512 count=8
Keyslot 1: A password for manual decryption.
The keyfile is located on a thumbdrive which, when inserted, is automatically mounted at
/mnt/clavis
What I'm trying to accomplish:
- At boot time the system tries to find /mnt/clavis/home.key
- If this fails (e.g. if the thumbdrive isn't inserted): Prompt for password.
The following setups are working:
/etc/crypttab
home <path to image> none luks,discard
And (when the thumbdrive is inserted):
/etc/crypttab
home <path to image> /mnt/clavis/home.key luks,discard
However, it does not work when the thumbdrive isn't inserted. It just hangs for some time and then continues to boot without mounting /home/. I can then manually luksOpen the image, but invoking cryptdisks_start home fails.
What am I doing wrong? Tutorials on how to use password- and keyfile-based encryption simultaneously are hard to find.
I'm using Ubuntu 19.04.
0 Answers