mirror of https://github.com/sheychen290/usbcrypt
1019 B
1019 B
Usbcrypt
Usbcrypt add support for encrypted system with luks encrypted keyfile on external drive
Prerequisities
Installing
- On existing encrypt boot
- sdX0 : key partition
- sdY0 : luks drive
- Create key on existing small partition
dd if=/dev/zero of=/dev/sdX0
cryptsetup luksFormat /dev/sdX0
cryptsetup open /dev/sdX0 key
dd if=/dev/random of=/dev/mapper/key
- Add the key to LUKS
cryptsetup luksAddKey /dev/sdY0 /dev/mapper/key
- Install Usbcrypt
git clone https://github.com/sheychen290/usbcrypt.git
cd usbcrypt
cp install-usbcrypt /usr/lib/initcpio/install/usbcrypt
cp hooks-usbcrypt /usr/lib/initcpio/hooks/usbcrypt
- Setup Usbcrypt
- /etc/mkinitcpio.conf : Change encrypt hook to usbcrypt
- mkinitcpio -P
- Boot options
usbcryptdevice=UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX:key
- Remove old passphrase
cryptsetup luksRemoveKey /dev/sdY0