Pages

Thursday, August 5, 2010

Fresh install with a LUKS /home partition

I had an LUKS encrypted home partition, I wanted do a fresh install of Mint, but the GUI installer did not seem to support this.  There was no easy straight forward way that I knew to do this. I was faced with backing up all of my info and then restoring it. This seemed like a good excuse to try to find a way to do a fresh install with a previously encrypted home partition. I read post that suggested I should save a copy of  /etc/fstab and /etc/crypttab  from my old install. After that I went about installing Mint 9, when the installer got to the partitioning section I used my  boot and root partitions, but had it install home on a USBdrive and left the encrypted partition alone. The whole install process went fine I disconnected the USBdrive and did a restart. At reboot it came up my /home partition was missing or not ready. So I dropped into a root shell, the first thing I did was to edit /etc/fstab and /etc/crypttab, in fstab I changed the entry for the my /home partition to reflect my encrypted partition. I then just copied all of the info from my old crypttab over since the new one was empty.  I also had to create a dir in /dev/mapper

 cryptsetup -v luksDump /dev/sda3

cryptsetup -v luksOpen /dev/sda3 home #this will create a entry in /dev/mapper called home


After I did this I rebooted it came up to unlock the LUKS partition, only issue I have is it try's to mount all of the partitions before I have finished  imputing the passphrase. So I have to hit M which drops to a option for root console or ctrl+D.  I hit ctrl+D and it open Mint. So I need to figure out how to pause the boot process while I enter the passphrase  and then I will be good.


this blog gave me the biggest clues http://tuxtraining.com/2008/03/05/encrypted-root-file-system-during-install-in-opensuse-103



also some clues from here http://forums.fedoraforum.org/showthread.php?t=234383