Search Results

Search found 63 results on 3 pages for 'luks'.

Page 1/3 | 1 2 3  | Next Page >

  • LUKS no longer accepts my my passphrase

    - by Two Spirit
    I created a 4 drive RAID5 setup using mdadm and upgrading from 2TB drives to the new Hitachi 7200RPM 4TB drives. I can initially open my luks partition, but later can no longer access it. I can no longer access my LUKS partition even tho I have the right passphrases. It was working and then at an unknown point in time loose access to LUKS. I've used the same procedures for upgrading from 500G to 1TB to 1.5TB to 2TB. After the first time this happened a week ago, I thought maybe there was some corruption so I added a 2nd Key as a backup. After the second time the LUKS became unaccessible, none of the keys worked. I put LUKS on it using cryptsetup -c aes -s 256 -y luksFormat /dev/md0 # cryptsetup luksOpen /dev/md0 md0_crypt Enter LUKS passphrase: Enter LUKS passphrase: Enter LUKS passphrase: Command failed: No key available with this passphrase. The first time this happened while I was upgrading to 4TB drives, I thought it was a fluke, and ultimately had to recover from backups. I went an used luksAddKey to add a 2nd key as a backup. It happened again and I tried both passphrases, and neither worked. The only thing I'm doing differently this time around is that I've upgraded to 4TB drives which use GPT instead of fdisk. The last time I had to even reboot the box was over 2 years ago. I'm using ubuntu-8.04-server with kernel 2.6.24-29 and upgraded to -2.6.24-31, but that didn't fix the problem.

    Read the article

  • Encrypting a non-linux partition with LUKS.

    - by linuxn00b
    I have a non-Linux partition I want to encrypt with LUKS. The goal is to be able to store it by itself on a device without Linux and access it from the device when needed with an Ubuntu Live CD. I know LUKS can't encrypt partitions in place, so I created another, unformatted partition of the EXACT same size (using GParted's "Round to MiB" option) and ran this command: sudo cryptsetup luksFormat /dev/xxx Where xxx is the partition's device name. Then I typed in my new passphrase and confirmed it. Oddly, the command exited immediately after, so I guess it doesn't encrypt the entire partition right away? Anyway, then I ran this command: sudo cryptsetup luksOpen /dev/xxx xxx Then I tried copying the contents of the existing partition (call it yyy) to the encrypted one like this: sudo dd if=/dev/yyy of=/dev/mapper/xxx bs=1MB and it ran for a while, but exited with this: dd: writing `/dev/mapper/xxx': No space left on device just before writing the last MB. I take this to mean the contents of yyy was truncated when it was copied to xxx, because I have dd'd it before, and whenever I have dd'd to a partition of the exact same size, I never get that error. (and fdisk reports they are the same size in blocks). After a little Googling I discovered all luksFormat'ted partitions have a custom header followed by the encrypted contents. So it appears I need to create a partition exactly the size of the old one + however many bytes a LUKS header is. What size should the destination partition be, no. 1, and no. 2, am I even on the right track here? UPDATE I found this in the LUKS FAQ: I think this is overly complicated. Is there an alternative? Yes, you can use plain dm-crypt. It does not allow multiple passphrases, but on the plus side, it has zero on disk description and if you overwrite some part of a plain dm-crypt partition, exactly the overwritten parts are lost (rounded up to sector borders). So perhaps I shouldn't be using LUKS at all?

    Read the article

  • Mount a LUKS partition at boot

    - by Adam Matan
    Hi, I have installed an Ubuntu machine with two encrypted LUKS partitions: one for / and one for /home. I've reinstalled the machine to upgrade to 10.04. Again, the / is installed using LUKS, and I'm able to mount the /home using: mkdir /media/home sudo cryptsetup luksOpen /dev/sda2 home sudo mount -t ext3 /dev/mapper/home /media/home The problem is, this cryptfs mapper disappears after boot, so I putting the appropriate line in fstab fails. How do I set the cryptfs to prompt for password and unlock the drive at boot? Thanks, Adam

    Read the article

  • how to disable luks partition from showing up in nautlus panel

    - by yemu
    I have a luks setup with encrypted partition. And I don't want everyone on my computer to see that I have such partition. Unfortunately it shows up in the nautilus "devices" panel as "Encrypted partition". Is there a way to prevent it from showing there? I plan to setup authentication with a keyfile on usb, but for now I can live without the gnome authentication dialog, and open and mount the partition from command line.

    Read the article

  • why is it a risk to clone a LUKS container?

    - by laramichaels
    I recently installed Ubuntu onto an encrypted partition using the LUKS+LVM combination that the 'alternate' installer offers. Now I want to create backups of my HD. From the LUKS FAQ: 6.15 Can I clone a LUKS container? You can, but it breaks security, because the cloned container has the same header and hence the same master key. You cannot change the master key on a LUKS container, even if you change the passphrase(s), the master key stays the same. That means whoever has access to one of the clones can decrypt them all, completely bypassing the passphrases. How can the existence of a perfect clone of my encrypted HD break security if it contains the exact same information as my live encrypted HD? In which sense does keeping updated clones of my LUKS-encrypted HD around "break security"?

    Read the article

  • LUKS with LVM, mount is not persistent after reboot

    - by linxsaga
    I have created a Logical vol and used luks to encrypt it. But while rebooting the server. I get a error message (below), therefore I would have to enter the root pass and disable the /etc/fstab entry. So mount of the LUKS partition is not persistent during reboot using LUKS. I have this setup on RHEL6 and wondering what i could be missing. I want to the LV to get be mount on reboot. Later I would want to replace it with UUID instead of the device name. Error message on reboot: "Give root password for maintenance (or type Control-D to continue):" Here are the steps from the beginning: [root@rhel6 ~]# pvcreate /dev/sdb Physical volume "/dev/sdb" successfully created [root@rhel6 ~]# vgcreate vg01 /dev/sdb Volume group "vg01" successfully created [root@rhel6 ~]# lvcreate --size 500M -n lvol1 vg01 Logical volume "lvol1" created [root@rhel6 ~]# lvdisplay --- Logical volume --- LV Name /dev/vg01/lvol1 VG Name vg01 LV UUID nX9DDe-ctqG-XCgO-2wcx-ddy4-i91Y-rZ5u91 LV Write Access read/write LV Status available # open 0 LV Size 500.00 MiB Current LE 125 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 253:0 [root@rhel6 ~]# cryptsetup luksFormat /dev/vg01/lvol1 WARNING! ======== This will overwrite data on /dev/vg01/lvol1 irrevocably. Are you sure? (Type uppercase yes): YES Enter LUKS passphrase: Verify passphrase: [root@rhel6 ~]# mkdir /house [root@rhel6 ~]# cryptsetup luksOpen /dev/vg01/lvol1 house Enter passphrase for /dev/vg01/lvol1: [root@rhel6 ~]# mkfs.ext4 /dev/mapper/house mke2fs 1.41.12 (17-May-2010) Filesystem label= OS type: Linux Block size=1024 (log=0) Fragment size=1024 (log=0) Stride=0 blocks, Stripe width=0 blocks 127512 inodes, 509952 blocks 25497 blocks (5.00%) reserved for the super user First data block=1 Maximum filesystem blocks=67633152 63 block groups 8192 blocks per group, 8192 fragments per group 2024 inodes per group Superblock backups stored on blocks: 8193, 24577, 40961, 57345, 73729, 204801, 221185, 401409 Writing inode tables: done Creating journal (8192 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 21 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override. [root@rhel6 ~]# mount -t ext4 /dev/mapper/house /house PS: HERE I have successfully mounted: [root@rhel6 ~]# ls /house/ lost+found [root@rhel6 ~]# vim /etc/fstab -> as follow /dev/mapper/house /house ext4 defaults 1 2 [root@rhel6 ~]# vim /etc/crypttab -> entry as follows house /dev/vg01/lvol1 password [root@rhel6 ~]# mount -o remount /house [root@rhel6 ~]# ls /house/ lost+found [root@rhel6 ~]# umount /house/ [root@rhel6 ~]# mount -a -> SUCCESSFUL AGAIN [root@rhel6 ~]# ls /house/ lost+found Please let me know if I am missing anything here. Thanks in advance.

    Read the article

  • Kubuntu 9.10: LUKS-encrypt entire partition

    - by Adam Matan
    Hi, In older versions of Ubuntu, mainly 8.04, I could encrypt en entire partition using LUKS, and mount it as /. the /boot directory was mounted on another partition. At boot time, I had to enter my password to enable any access to anything other than /boot. In Kubuntu 9.10, I only have the option to encrypt my /home/adam directory, which is a bit of a problem for me because I have sensitive data located in other directories. Any ideas how to set up LUKS for the entire disk, preferably during installation? Thanks in advance, Adam

    Read the article

  • How to automaticaly mount luks-partition only when disk is plugged in

    - by Frederick Roth
    I have the following scenario: I want to automatically backup some data from my Laptop(Fedora Core 17) to a external encrypted(luks) hard disk. The disk can be opened by a key file, which lies on the also encrypted root partition of my laptop. The hard disk is attached to my docking station and therefore only "present" when I am at home (which is approximately 1/2 of the time the Laptop runs) I have everything set up the way I want it with one exception. I don't get a decent way to mount the hard disk automatically at boot if and only if it is present. If I add it to crypttab and fstab without noauto it tries to mount it at boot and takes a lot(!) of time and error messages when it is not present. If I add noauto, well it does not mount automatically ;) Is there a way to configure luks/crypttab to do the following: check whether the disk is present if yes: decrypt/mount if no: just don't

    Read the article

  • High I/O latency with software RAID, LUKS encrypted and LVM partitioned KVM setup

    - by aef
    I found out a performance problems with a Mumble server, which I described in a previous question are caused by an I/O latency problem of unknown origin. As I have no idea what is causing this and how to further debug it, I'm asking for your ideas on the topic. I'm running a Hetzner EX4S root server as KVM hypervisor. The server is running Debian Wheezy Beta 4 and KVM virtualisation is utilized through LibVirt. The server has two different 3TB hard drives as one of the hard drives was replaced after S.M.A.R.T. errors were reported. The first hard disk is a Seagate Barracuda XT ST33000651AS (512 bytes logical, 4096 bytes physical sector size), the other one a Seagate Barracuda 7200.14 (AF) ST3000DM001-9YN166 (512 bytes logical and physical sector size). There are two Linux software RAID1 devices. One for the unencrypted boot partition and one as container for the encrypted rest, using both hard drives. Inside the latter RAID device lies an AES encrypted LUKS container. Inside the LUKS container there is a LVM physical volume. The hypervisor's VFS is split on three logical volumes on the described LVM physical volume: one for /, one for /home and one for swap. Here is a diagram of the block device configuration stack: sda (Physical HDD) - md0 (RAID1) - md1 (RAID1) sdb (Physical HDD) - md0 (RAID1) - md1 (RAID1) md0 (Boot RAID) - ext4 (/boot) md1 (Data RAID) - LUKS container - LVM Physical volume - LVM volume hypervisor-root - LVM volume hypervisor-home - LVM volume hypervisor-swap - … (Virtual machine volumes) The guest systems (virtual machines) are mostly running Debian Wheezy Beta 4 too. We have one additional Ubuntu Precise instance. They get their block devices from the LVM physical volume, too. The volumes are accessed through Virtio drivers in native writethrough mode. The IO scheduler (elevator) on both the hypervisor and the guest system is set to deadline instead of the default cfs as that happened to be the most performant setup according to our bonnie++ test series. The I/O latency problem is experienced not only inside the guest systems but is also affecting services running on the hypervisor system itself. The setup seems complex, but I'm sure that not the basic structure causes the latency problems, as my previous server ran four years with almost the same basic setup, without any of the performance problems. On the old setup the following things were different: Debian Lenny was the OS for both hypervisor and almost all guests Xen software virtualisation (therefore no Virtio, also) no LibVirt management Different hard drives, each 1.5TB in size (one of them was a Seagate Barracuda 7200.11 ST31500341AS, the other one I can't tell anymore) We had no IPv6 connectivity Neither in the hypervisor nor in guests we had noticable I/O latency problems According the the datasheets, the current hard drives and the one of the old machine have an average latency of 4.12ms.

    Read the article

  • Resizing a LUKS encrypted volume

    - by mgorven
    I have a 500GiB ext4 filesystem on top of LUKS on top of an LVM LV. I want to resize the LV to 100GiB. I know how to resize ext4 on top of an LVM LV, but how do I deal with the LUKS volume? mgorven@moab:~% sudo lvdisplay /dev/moab/backup --- Logical volume --- LV Name /dev/moab/backup VG Name moab LV UUID nQ3z1J-Pemd-uTEB-fazN-yEux-nOxP-QQair5 LV Write Access read/write LV Status available # open 1 LV Size 500.00 GiB Current LE 128000 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 2048 Block device 252:3 mgorven@moab:~% sudo cryptsetup status backup /dev/mapper/backup is active and is in use. type: LUKS1 cipher: aes-cbc-essiv:sha256 keysize: 256 bits device: /dev/mapper/moab-backup offset: 3072 sectors size: 1048572928 sectors mode: read/write mgorven@moab:~% sudo tune2fs -l /dev/mapper/backup tune2fs 1.42 (29-Nov-2011) Filesystem volume name: backup Last mounted on: /srv/backup Filesystem UUID: 63877e0e-0549-4c73-8535-b7a81eb363ed Filesystem magic number: 0xEF53 Filesystem revision #: 1 (dynamic) Filesystem features: has_journal ext_attr resize_inode dir_index filetype extent flex_bg sparse_super large_file huge_file uninit_bg dir_nlink extra_isize Filesystem flags: signed_directory_hash Default mount options: (none) Filesystem state: clean with errors Errors behavior: Continue Filesystem OS type: Linux Inode count: 32768000 Block count: 131071616 Reserved block count: 0 Free blocks: 112894078 Free inodes: 32044830 First block: 0 Block size: 4096 Fragment size: 4096 Reserved GDT blocks: 992 Blocks per group: 32768 Fragments per group: 32768 Inodes per group: 8192 Inode blocks per group: 512 RAID stride: 128 RAID stripe width: 128 Flex block group size: 16 Filesystem created: Sun Mar 11 19:24:53 2012 Last mount time: Sat May 19 13:29:27 2012 Last write time: Fri Jun 1 11:07:22 2012 Mount count: 0 Maximum mount count: 100 Last checked: Fri Jun 1 11:03:50 2012 Check interval: 31104000 (12 months) Next check after: Mon May 27 11:03:50 2013 Lifetime writes: 118 GB Reserved blocks uid: 0 (user root) Reserved blocks gid: 0 (group root) First inode: 11 Inode size: 256 Required extra isize: 28 Desired extra isize: 28 Journal inode: 8 Default directory hash: half_md4 Directory Hash Seed: 383bcbc5-fde9-4720-b98e-2d6224713ecf Journal backup: inode blocks

    Read the article

  • Bad performance with Linux software RAID5 and LUKS encryption

    - by Philipp Wendler
    I have set up a Linux software RAID5 on three hard drives and want to encrypt it with cryptsetup/LUKS. My tests showed that the encryption leads to a massive performance decrease that I cannot explain. The RAID5 is able to write 187 MB/s [1] without encryption. With encryption on top of it, write speed is down to about 40 MB/s. The RAID has a chunk size of 512K and a write intent bitmap. I used -c aes-xts-plain -s 512 --align-payload=2048 as the parameters for cryptsetup luksFormat, so the payload should be aligned to 2048 blocks of 512 bytes (i.e., 1MB). cryptsetup luksDump shows a payload offset of 4096. So I think the alignment is correct and fits to the RAID chunk size. The CPU is not the bottleneck, as it has hardware support for AES (aesni_intel). If I write on another drive (an SSD with LVM) that is also encrypted, I do have a write speed of 150 MB/s. top shows that the CPU usage is indeed very low, only the RAID5 xor takes 14%. I also tried putting a filesystem (ext4) directly on the unencrypted RAID so see if the layering is problem. The filesystem decreases the performance a little bit as expected, but by far not that much (write speed varying, but 100 MB/s). Summary: Disks + RAID5: good Disks + RAID5 + ext4: good Disks + RAID5 + encryption: bad SSD + encryption + LVM + ext4: good The read performance is not affected by the encryption, it is 207 MB/s without and 205 MB/s with encryption (also showing that CPU power is not the problem). What can I do to improve the write performance of the encrypted RAID? [1] All speed measurements were done with several runs of dd if=/dev/zero of=DEV bs=100M count=100 (i.e., writing 10G in blocks of 100M). Edit: If this helps: I'm using Ubuntu 11.04 64bit with Linux 2.6.38. Edit2: The performance stays approximately the same if I pass a block size of 4KB, 1MB or 10MB to dd.

    Read the article

  • Why is mkfs overwriting the LUKS encryption header on LVM on RAID partitions on Ubuntu 12.04?

    - by Starchy
    I'm trying to setup a couple of LUKS-encrypted partitions to be mounted after boot-time on a new Ubuntu server which was installed with LVM on top of software RAID. After running cryptsetup luksFormat, the LUKS header is clearly visible on the volume. After running any flavor of mkfs, the header is overwritten (which does not happen on other systems that were setup without LVM), and cryptsetup will no longer recognize the device as a LUKS device. # cryptsetup -y --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat /dev/dm-1 WARNING! ======== This will overwrite data on /dev/dm-1 irrevocably. Are you sure? (Type uppercase yes): YES Enter LUKS passphrase: Verify passphrase: # hexdump -C /dev/dm-1|head -n5 00000000 4c 55 4b 53 ba be 00 01 61 65 73 00 00 00 00 00 |LUKS....aes.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 63 62 63 2d 65 73 73 69 |........cbc-essi| 00000030 76 3a 73 68 61 32 35 36 00 00 00 00 00 00 00 00 |v:sha256........| 00000040 00 00 00 00 00 00 00 00 73 68 61 31 00 00 00 00 |........sha1....| # cryptsetup luksOpen /dev/dm-1 web2-var # mkfs.ext4 /dev/mapper/web2-var [..snip..] Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done # hexdump -C /dev/dm-1|head -n5 # cryptsetup luksClose /dev/mapper/web2-var 00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00000400 00 40 5d 00 00 88 74 01 66 a0 12 00 17 f2 6d 01 |.@]...t.f.....m.| 00000410 f5 3f 5d 00 00 00 00 00 02 00 00 00 02 00 00 00 |.?].............| 00000420 00 80 00 00 00 80 00 00 00 20 00 00 00 00 00 00 |......... ......| # cryptsetup luksOpen /dev/dm-1 web2-var Device /dev/dm-1 is not a valid LUKS device. I have also tried mkfs.ext2 with the same result. Based on setups I've done successfully on Debian and Ubuntu (but not LVM or Ubuntu 12.04), it's hard to see why this is failing.

    Read the article

  • Can I specify PBKDF2 rounds to use with LUKS/dm-crypt?

    - by Naftuli Tzvi Kay
    I have encrypted my root partition with dm-crypt/LUKS/cryptsetup on Ubuntu 12.04. Since it uses PBKDF2: Is it possible, during creation of the encrypted disk, to specify a custom amount of PBKDF2 iterations for key derivation? Is it possible, after the encrypted disk has already been created, to modify the amount of PBKDF2 iterations for key derivation? I'd like to make it a little harder to brute-force :)

    Read the article

  • How to verify that a physical volume is encrypted? (Ubuntu 10.04 w/ LUKS)

    - by Bob B.
    I am very new to LUKS. During installation, I tried to set up an encrypted physical volume so that everything underneath it would be encrypted. I chose "Use as: physical volume for encryption," the installation completed and I have a working environment. How can I verify that the PV is indeed encrypted? I was never prompted to provide a passphrase, so I most likely missed a step somewhere. At the end of the day, I'd like whole disk encryption if that's possible, so I don't have to worry about which parts of the file system are encrypted and which aren't. If I did miss something, do I have to start over and try again, or can it be done (relatively easily?) after the fact? I would prefer not to introduce more complexity by using TrueCrypt, etc. Environment details: The drives are md raid1. One volume group. A standard boot lv. An encrypted swap lv using a random key (which seems to be working fine). Thank you in advance for your help. This is very much a learn-as-I-go experience.

    Read the article

  • Convert from EFI to BIOS boot

    - by Lukas F.
    I have a Samsung Notebook NP900X4C with an LUKS encrypted installation of Linux Mint 15 on it. The system is booting in UEFI mode. The problem is that the samsung-notebook kernel module is disabled in UEFI mode and due to that I am missing features like the keyboard backlight. Is it possible to modify the current installtion so it can boot in BIOS mode? Is this correct that the basic steps would be converting the disk from GPT to MBR and installing grub from a live CD? Would this be possible with a LUKS partition?

    Read the article

  • Run fstrim from LiveCD

    - by CharlesW
    A few years ago I installed Ubuntu 10.04 with LVM + LUKS on a system with SSD, TRIM was not enabled. Now I want to install Ubuntu 12.04 on the same SSD. I have found a guide explaining how to enable TRIM on Ubuntu 12.04 with LVM + LUKS, but before installing the new system, I want to clean out all the "marked for deletion" data generated under Ubuntu 10.04, to make the disk fast as new. My plan is to boot a Ubuntu 12.04 LiveCD and create a new ext4 filesystem on the SSD, then mount the filesystem and run fstrim on it. After rebooting the LiveCD I will install the system as normal, and enable TRIM. Can anybody say if this will work?

    Read the article

  • Testdisk won’t list files for an ext4 partition inside a LVM inside a LUKS partition

    - by user1598585
    I have accidentally deleted a file that I want to recover. The partition is an ext4 partition inside an LVM partition that is encrypted with dm-crypt/LUKS. The encrypted LUKS partition is: /dev/sda2 which contains a physical volume, with a single volume group, mapped to: /dev/mapper/system And the logical volume, the ext4 partition is mapped to: /dev/mapper/system-home A # testdisk /dev/mapper/system-home will notice it as an ext4 partition but tells me that the partition seems damaged when I try to list the files. If I # testdisk /dev/mapper/system it will detect all the partitions, but the same happens if I try to list their files. Am I doing something wrong or is it a known bug? I have searched but haven’t found any clue.

    Read the article

  • LUKS-Encrypted Root Partition in Ubuntu 9.04

    - by Martindale
    I have a LUKS-encrypted root partition that I have installed Ubuntu 9.04 to. I have of course placed /boot on a separate ext2 partition, and my boot loader loads and functions correctly. However, I can't seem to get my initrd to load the LUKS-encrypted root using the appropriate /dev/mapper/ address. What hooks and scripts do I need to add to get this to function correctly, and what is the correct way to regenerate my initrd? I can CHROOT into this install, and everything works fine - but I just can't seem to get it to actually boot. Help!

    Read the article

  • Forgotten LUKS passphrase

    - by Ansh David
    i am stuck with a big problem. I have encrypted my linux drive with LUKS and now I can't remember it. During boot, it prompts me for the passphrase, but I went into troubleshooting mode and deleted the entry from /etc/crypttab so at least I can boot now into my account but that doesn't solve the problem. I can't access my drive /dev/sda5. Can someone please show me a way to crack the passphrase or is there no way around it.

    Read the article

  • How to mount LUKS partition securely on server

    - by Ency
    I'm curious if it is possible to mount a partition encrypted by cryptsetup with LUKS securely and automatically on Ubuntu 10.0.4 LTS. For example, if I use the key for the encrypted partition, than that key has to be presented on a device that is not encrypted and if someone steals my disk they'll be able to find the key and decrypt the partition. Is there any safe way to mount an encrypted partition? If not, does anything exist to do what I want?

    Read the article

  • How can one unlock a fully encrypted Ubuntu 11.10 system over SSH at boot?

    - by Jeff
    In previous versions of Ubuntu, and current versions of Debian, you can unlock a fully encrypted system (using dmcrypt and LUKS) at boot time over SSH. It was as easy as: Installing the encrypted system using the Ubuntu alternate installer disk or normal Debian installer disk and choosing to encrypt the system. After the system is installed, adding the dropbear and busybox packages. Updating the initram-fs to authorize your ssh key. At boot time, you'd just ssh to the machine, and do: echo -ne "keyphrase" > /lib/cryptsetup/passfifo The machine would then unlock and boot the encrypted system. Using the exact same steps on Ubuntu 11.10, I can ssh to the machine, but /lib/cryptsetup/passfifo doesn't exist. There appears to be no way to unlock the system over ssh. I'm not sure where to look to see if this functionality changed or if it was removed.

    Read the article

  • How to install Ubuntu 12.04.1 in EFI mode with Encrypted LVM?

    - by g0lem
    I'm trying to properly install Ubuntu 12.04.1 LTS 64-bit PC (AMD64) with the alternate install CD ".iso" on a lenovo Thinkpad X220. Default Hard Disk (with a pre-installed version of Windows 7) has been replaced with a brand new SSD. The UEFI BIOS of the lenovo Thinkpad X220 is set to "UEFI Boot only" & "USB UEFI BIOS Support" is enabled (I'm using an external USB DVD reader to perform Ubuntu installation). The BIOS is a Phoenix SecureCore Tiano, BIOS version is 8DET56WW (1.26). The attempts below are made with the UEFI BIOS settings described above. Here's what I've tried so far: Boot on a live GParted CD Create a GPT partition table Create a FAT32 partition for UEFI System, set the partition to "EF00" type ("boot" flag) Leave remaining space unformated Boot on Ubuntu 12.04.1 LTS 64-bit PC (AMD64) with alternate CD: Perform the install with network updates enabled Use manual partitioning FAT32 partition created with GParted is used as "EFI System partition" Remaining space is set to be used as "Physical volume for LVM" Then "Configure encrypted volumes" using the previous "Physical volume for LVM" as the encrypted container, passphrase is setup. "Configure the Logical Volume Manager" creating a volume Group using the encrypted container /dev/mapper/sda2_crypt Creation of the Logical Volumes "Create logical volume", choosing the previously created volume Group Assign a mount point and file system to the Logical volumes : LV-root for / LV-var for /var LV-usr for /usr LV-usr-local for /usr/local LV-swap for swap LV-home for /home NOTE: /tmp would be in RAM only using TMPFS Bootloader step: neither my ESP partition (/dev/sda1, /dev/sda or MBR) seems to be the right place for GRUB, I get the following message (X suffix is for demonstration only): unable to install grub in /dev/sdaX Executing 'grub-install /dev/sdaX' failed This is a fatal error. Finish installation without the Bootloader & Reboot The system doesn't start, there's no EFI/GRUB menu at startup. What are the steps to perform a clean and working installation of Ubuntu 12.04.1 Precise Pangolin, 64bit version in U(EFI) mode using the encrypted LUKS + LVM scheme described above?

    Read the article

  • How to modify partitions after install?

    - by ChocoDeveloper
    I wanted to have Ubuntu with full disk encryption on one big partition, and Windows on a small one. In 12.04, only the Server Edition installer has full disk encryption, so I used that and then installed ubuntu-desktop. When it asked for the size, I reduced it from ~999GB to ~750gb. Now after the install, on both gparted and disk utility I see /dev/sda2 taking ~931GB, and nothing unallocated, so I can't create a partition for windows. I got the size right, because when I right-click inside a folder, then hit 'properties', I see Free space: ~690GB (I don't know why it's not ~750GB, but at least it's not 900). The command df -h shows the same. So what can I do? Normally I would just resize a partition with gparted to create unallocated space, then create the partition. But here I have two problems: gparted does not seem to be showing the correct values, and also it says it does not support LUKS so I'm afraid it will mess things up. Any thoughts?

    Read the article

1 2 3  | Next Page >