SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2012-08-09 20:11:09

SabreWolfy
#! Die Hard
Registered: 2009-03-09
Posts: 1,285

[Solution] (Re)install #! but keep encrypted /home and swap

I originally posted this here, but have reposted it here as suggested by omns:

Does anyone have any experience reinstalling with encrypted /home and swap? I have / on one partition, encrypted /home on another, and encrypted swap on a third, running updated Waldorf 20120430. If I install the 20120806 release to the / partition and leave the /home partition unformatted, will the installer detect it is encrypted and set it up accordingly?

Edit: This post suggests that the Debian installer does not recognize existing encrypted partitions. The work-around looks suitably complex...

Last edited by SabreWolfy (2012-10-22 11:24:09)


Support #!Waldorf • Debian sid • Xubuntu • siduction • Peppermint • OpenBox • Xfce • LXDE •

Offline

Be excellent to each other!

#2 2012-10-21 22:02:36

kbmonkey
#! Die Hard
Registered: 2011-01-14
Posts: 836
Website

Re: [Solution] (Re)install #! but keep encrypted /home and swap

Hello @SabreWolfy.

I managed to update my install, keeping my home. This is what I did:

* backup the / partition files in case you need them later.
* reinstall the new distro. Do *not* specify a /home mount point.
* once booted into the new system:
+ install cryptsetup
+ change /etc/fstab to use /dev/mapper for your /home mount point

# <file system>         <mount point>   <type>  <options>               <dump>  <pass>
/dev/mapper/vault       /home           ext4    rw,errors=remount-ro    0       0

+ change /etc/crypttab to match

# <target name>   <source device>  <key file>  <options>
vault             /dev/HOME        none        luks

This is a subset of the instructions I posted here, in "Phase 2".

I guessed my old dotfiles (~/.*) may leave historical cruft and outdated application configs, so before rebooting, I used the "luksOpen" command, mounted the /home container and replaced my old dotfiles with the ones from the current session.

I did not use encrypted swap this time, so I can only suggest: during install, do not specify swap (or format as normal swap), and use the procedure in the link above to convert to encrypted swap.

Offline

#3 2012-10-22 11:23:26

SabreWolfy
#! Die Hard
Registered: 2009-03-09
Posts: 1,285

Re: [Solution] (Re)install #! but keep encrypted /home and swap

^ Thanks smile This is excellent as a future reference.


Support #!Waldorf • Debian sid • Xubuntu • siduction • Peppermint • OpenBox • Xfce • LXDE •

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.

Debian Logo