November 18

Linux: LUKS setup on a Linux mdadm raid setup

cryptsetup luksFormat /dev/md0
cryptsetup isLuks /dev/md0 && echo Success
cryptsetup luksDump /dev/md0
cryptsetup luksUUID /dev/md0
cryptsetup luksOpen /dev/md0 422d7f7c-2d98-48df-abe5-239def725f18
dmsetup info 422d7f7c-2d98-48df-abe5-239def725f18
ls /dev/mapper/

Setup auto login from the gui.

-------------------------------------------------------------------------
If using the command line you can do the following:
Create a key to unlock the volume
dd if=/dev/urandom of=/etc/luks-keys/disk_secret_key bs=512 count=8

cryptsetup -v luksAddKey /dev/md0 /etc/luks-keys/disk_secret_key
Enter any passphrase: passphrase
Key slot 0 unlocked.
Command successful.

cryptsetup luksDump /dev/md0 | grep "Key Slot"

cryptsetup -v luksOpen /dev/md0 md0_crypt --key-file=/etc/luks-keys/disk_secret_key
Key slot 1 unlocked.
Command successful.

cryptsetup -v luksClose md0_crypt
Command successful.

cryptsetup luksDump /dev/md0 | grep "UUID"
UUID:          	2a5588ce-2262-413c-a6a8-fcbc65847c85

Edit the /etc/crypttab
md0_crypt UUID=2a5588ce-2262-413c-a6a8-fcbc65847c85 /etc/luks-keys/disk_secret_key luks 

cat /etc/crypttab
luks-422d7f7c-2d98-48df-abe5-239def725f18 UUID=422d7f7c-2d98-48df-abe5-239def725f18 /etc/luks-keys/disk_secret_key nofail

Verify
cryptdisks_start md0_crypt

Posted November 18, 2021 by Timothy Conrad in category "Linux

About the Author

If I were to describe myself with one word it would be, creative. I am interested in almost everything which keeps me rather busy. Here you will find some of my technical musings. Securely email me using - PGP: 4CB8 91EB 0C0A A530 3BE9 6D76 B076 96F1 6135 0A1B View all posts by Timothy Conrad