kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

dracut.cmdline.7: add NOTE about how dracut pipes key to cryptsetup

master
Amadeusz Żołnowski 13 years ago committed by Harald Hoyer
parent
506b219237
commit
173edca09e
1 changed files with 23 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 23
      dracut.cmdline.7.asc

23
dracut.cmdline.7.asc
Unescape View File

@ -233,6 +233,29 @@ rd.luks.key=/foo/bar.key @@ -233,6 +233,29 @@ rd.luks.key=/foo/bar.key
----
+
As you see, you can skip colons in such a case.
+
[NOTE]
===============================
Dracut pipes key to cryptsetup with _-d -_ argument, therefore you need to pipe
to crypsetup luksFormat with _-d -_, too!

Here follows example for key encrypted with GPG:

----
gpg --quiet --decrypt rootkey.gpg \
| cryptsetup -d - -v \
--cipher serpent-cbc-essiv:sha256 \
--key-size 256 luksFormat /dev/sda3
----

If you use plain keys, just add path to _-d_ option:

----
cryptsetup -d rootkey.key -v \
--cipher serpent-cbc-essiv:sha256 \
--key-size 256 luksFormat /dev/sda3
----
===============================

MD RAID
~~~~~~~

Write Preview
Loading…
Cancel
Save