[ale] VLM & LUKS

Scott Castaline skotchman at gmail.com
Wed Feb 10 08:59:22 EST 2010


On 02/10/2010 02:05 AM, Brian Pitts wrote:
>
> Ah, doing dm_crypt on top of the volume group makes sense. Maybe that's
> how mine is set up too? I'd have to poke at it to find out. As you say,
> the Fedora installer doesn't make what it's doing very clear.
>
Actually from what I've been reading, you create the LUKS volume before 
the VG, so the raw partition is encryted, but the partition table is 
not. Basically the steps involved are:
1.fdisk
2.cryptsetup includes adding to /etc/crypttab
3.lvm prep pvcreate, vgcreate, lvcreate
4.mkfs.ext4
5.add lvs to fstab
6.they mention updating initrd as well, it's supposed to be easier to do 
so in F12.

The link you had given me recommends doing a "dd if=/dev/urandom 
of=/dev/sd?" before creating the partitin with fdisk. This is supposed 
to make breaking the passphrase much harder at time of creation as there 
will be random data on the disk. I started at about 10:30 last night, as 
of 8:38 this morning it is still churning.

Prior to starting the dd with random data, I had done a pvscan and 
noticed a 3rd entry (dm-1) with no label. I did determine that it 
referred to the 500GB HDD that is being replaced by this 1TB HDD. My 
plan is to eventually include it into another existing VG. I found it 
interesting that the 1st VG had a PV of dm-2, the 2nd one has dm-0 and 
the original 3rd one is dm-1. I wonder what will happen when I remove it 
and then recreate the new PV?

Like I said, my wife always says that I'm not happy until I've blown 
something up. We used to call it crash & burn. I remember my first job 
we used to everyonce in a while compete who could crash & burn their 
test system the worst and still recover the fastest. Learned alot doing 
that.


More information about the Ale mailing list