![]() Storing this key on an unencrypted / unprotected location will render the encryption useless. I suggest storing this key on an already encrypted system partition / volume to protect it. ![]() This key file needs to be kept secret as it allows to unlock the encrypted volume. $ dd if=/dev/urandom of=/etc/luks-keys/disk_secret_key bs=512 count=8 The following command will generate a file with 4 KB of random data to be used as a key to unlock the encrypted volume. These keys can be passwords entered interactively or key files passed as an argument while unlocking the encrypted partition. Usually this key is a password entered while creating the encrypted partition. To mount an encrypted volume during system startup, a key needs to be available to the system to unlock and mount the volume. ![]() Such a volume as described in Created luks encrypted partition on Linux Mint is not directly available during or after system startup. When an encrypted volume is set up afterwards, the volume remains locked until the volume is first accessed from the GUI file manager or is mounted manually. When a luks encrypted volume is set up during installation to be booted from, the volume is already configured and set up. Linux supports encrypted volumes with luks.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |