Hi Guys
Are there any methods to boot from a encrypted boot disk without putting in the password manually ? Is there an online option to get the passphrase accepted ?
Thanks
Al
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Encrypted boot disk
-
- Global Moderator
- Posts: 3049
- Joined: 2017-09-17 07:12
- Has thanked: 5 times
- Been thanked: 132 times
Re: Encrypted boot disk
I'm afraid not. From https://www.gnu.org/software/grub/manua ... figuration :
Or do you actually mean "mount an encrypted root filesystem" after booting from an unencrypted /boot filesystem ?‘GRUB_ENABLE_CRYPTODISK’
If set to ‘y’, grub-mkconfig and grub-install will check for encrypted disks and generate additional commands needed to access them during boot. Note that in this case unattended boot is not possible because GRUB will wait for passphrase to unlock encrypted container.
Re: Encrypted boot disk
So I guess the correct term is unattended boot on an encrypted partition.p.H wrote:Note that in this case unattended boot is not possible because GRUB will wait for passphrase to unlock encrypted container.
I read somewhere that and online service can be called to allow the system to boot, but I cannot find that info anymore.
So how would a customer on cloud provider boot on an encrypted partition?
Re: Encrypted boot disk
You can add the root unlock luks key in initramfs by specifying its location in /etc/cryptsetup-initramfs/conf-hook AND then regenerate initramfs.
As far as /boot is concerned I do not suppose that is encrypted on instances provided in public cloud.
I did not find 'insmod cryptodisk' in grub.cfg on any of my encrypted instances in different public clouds.
edit - Also did not find 'GRUB_ENABLE_CRYPTODISK=y' in /etc/default/grub
As far as /boot is concerned I do not suppose that is encrypted on instances provided in public cloud.
I did not find 'insmod cryptodisk' in grub.cfg on any of my encrypted instances in different public clouds.
edit - Also did not find 'GRUB_ENABLE_CRYPTODISK=y' in /etc/default/grub