Objective: Unlock a LUKS partition with keyfile located on USB drive, with password fallback.
Context:
- OS: Debian 11
- All system partitions are on /dev/sda
Step 1: Created a key file in FAT partition (partition name P1) of the USB drive
Code: Select all
dd if=/dev/random of=/keyfile bs=512 count=15
Code: Select all
sudo vim /etc/crypttab
Code: Select all
/keyfile:LABEL=P1 luks,keyfile-timeout=5s
Code: Select all
sudo cryptsetup luksAddKey /dev/sdax ./keyfile
Code: Select all
update-initramfs -u