[ale] VLM & LUKS
Scott Castaline
skotchman at gmail.com
Wed Feb 10 08:59:22 EST 2010
On 02/10/2010 02:05 AM, Brian Pitts wrote:
>
> Ah, doing dm_crypt on top of the volume group makes sense. Maybe that's
> how mine is set up too? I'd have to poke at it to find out. As you say,
> the Fedora installer doesn't make what it's doing very clear.
>
Actually from what I've been reading, you create the LUKS volume before
the VG, so the raw partition is encryted, but the partition table is
not. Basically the steps involved are:
1.fdisk
2.cryptsetup includes adding to /etc/crypttab
3.lvm prep pvcreate, vgcreate, lvcreate
4.mkfs.ext4
5.add lvs to fstab
6.they mention updating initrd as well, it's supposed to be easier to do
so in F12.
The link you had given me recommends doing a "dd if=/dev/urandom
of=/dev/sd?" before creating the partitin with fdisk. This is supposed
to make breaking the passphrase much harder at time of creation as there
will be random data on the disk. I started at about 10:30 last night, as
of 8:38 this morning it is still churning.
Prior to starting the dd with random data, I had done a pvscan and
noticed a 3rd entry (dm-1) with no label. I did determine that it
referred to the 500GB HDD that is being replaced by this 1TB HDD. My
plan is to eventually include it into another existing VG. I found it
interesting that the 1st VG had a PV of dm-2, the 2nd one has dm-0 and
the original 3rd one is dm-1. I wonder what will happen when I remove it
and then recreate the new PV?
Like I said, my wife always says that I'm not happy until I've blown
something up. We used to call it crash & burn. I remember my first job
we used to everyonce in a while compete who could crash & burn their
test system the worst and still recover the fastest. Learned alot doing
that.
More information about the Ale
mailing list