|
Size: 689
Comment: initrd ssh early
|
← Revision 9 as of 2021-01-17 02:34:01 ⇥
Size: 953
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 4: | Line 4: |
| * Links [[ecrypt]] , [[[https://blobfolio.com/2018/replace-grub2-with-systemd-boot-on-ubuntu-18-04/|2018-systemd-boot]] | |
| Line 7: | Line 8: |
| * http://blog.neutrino.es/2011/unlocking-a-luks-encrypted-root-partition-remotely-via-ssh/ | |
| Line 17: | Line 19: |
| * # cryptsetup -y -v luksFormat /dev/xvdc |
Linux Disk Encryption
Links ecrypt , 2018-systemd-boot
- Options
- Ontop of mounted disk, e.g. homedrive or loop module
- Full disk, key entered at bootup
- Only partial.
- Single loopback file e.g. luks.
- Multi disk layered
disks -> lvm -> encryption -> fs
disks -> individual encrypted -> combined (lvm/btrfs)
- Ideal would be to have encryption built into BTRFS so we can easily span multiple disk.
- # cryptsetup -y -v luksFormat /dev/xvdc
...