Permanently Deleted

  • gvngndz [none/use name,comrade/them]
    ·
    edit-2
    4 years ago

    I managed to set up Arch by myself once, but after that I just switched to using installers instead. I'm not going to go through the hour long process (assuming you don't make any mistakes) of making a LUKS2 encrypted btrfs partition again.

    • linux [none/use name]
      ·
      4 years ago

      I'm curious, why did you use veracrypt rather than something like LUKS?

      • gvngndz [none/use name,comrade/them]
        ·
        edit-2
        4 years ago

        Edit: I just realised that I mixed up the words, yeah I used LUKS2, I just mixed up the names.

        I'll edit the original comment.

        • PorkrollPosadist [he/him, they/them]
          ·
          4 years ago

          The things you can do with LVM and device-mapper are jaw dropping, but issuing so many commands that deal directly with disks and partitions and volumes and filesystems makes my ass so tight you couldn't pull a needle out of it. Anyway, I've never tried LUKS, but I did just set up an SSD cache for my 3TB HDD using lvmcache.

          • captcha [any]
            ·
            4 years ago

            LUKS is fairly easy to setup on its own. Everything is done through the cryptsetup tool.

            1. format a device with cryptsetup luksFormat /dev/sdX
            2. open with cryptsetup luksOpen /dev/sdX myContainer
            3. new device is available under /dev/mapper/myContainer

            Linux will treat the opened container as a new disk so you can give it a file system or create a lvm device out of it. You can even have an LVM volume contain a LUKS container which contains another LVM volume group, etc.

            The hard part about LUKS is getting your system to open it on boot. For that refer to the archwiki.

            • PorkrollPosadist [he/him, they/them]
              ·
              4 years ago

              Right, that makes sense. I've managed to avoid building an initramfs by only using LVM for /home and leaving / as a regular btrfs partition, but you certainly do enter the "keys are locked inside the car" situation when you're trying to load the modules for encrypted filesystems from an encrypted filesystem.

              • captcha [any]
                ·
                4 years ago

                Changes to the initramfs are easy and well documented. Just edit /etc/mikincpio.conf and run sudo mkinitcpio -p linux.

                The hard part is telling your bootloader to use the luks module you added to the initramfs. It changes depending on your bootloader.