kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

dracut.cmdline.7: add NOTE about how dracut pipes key to cryptsetup

master
Amadeusz Żołnowski 2012-07-31 12:23:18 +02:00 committed by Harald Hoyer
parent 506b219237
commit 173edca09e
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
dracut.cmdline.7.asc
View File

@ -233,6 +233,29 @@ rd.luks.key=/foo/bar.key
----
+
As you see, you can skip colons in such a case.
+
[NOTE]
===============================
Dracut pipes key to cryptsetup with _-d -_ argument, therefore you need to pipe
to crypsetup luksFormat with _-d -_, too!

Here follows example for key encrypted with GPG:

----
gpg --quiet --decrypt rootkey.gpg \
| cryptsetup -d - -v \
--cipher serpent-cbc-essiv:sha256 \
--key-size 256 luksFormat /dev/sda3
----

If you use plain keys, just add path to _-d_ option:

----
cryptsetup -d rootkey.key -v \
--cipher serpent-cbc-essiv:sha256 \
--key-size 256 luksFormat /dev/sda3
----
===============================

MD RAID
~~~~~~~