
Re: [Xen-users] Automating boot of Ubuntu on encrypted LVM?



On Mon, Apr 8, 2013 at 10:07 AM, Rich Wales <richw@xxxxxxxxx> wrote:

> What I want is a way to encrypt my domU's root partition, but avoid
> needing to type in a decryption passphrase by having said passphrase
> supplied via a file on the dom0.  I'll take care of safeguarding the
> boot passphrase(s) by storing the file(s) in my ecryptfs-encrypted home
> directory on the dom0.

Have you considered a simpler method?

For example, if you just want to have dom0 boot normally while domU
boot requires some kind of password, then Mike's suggestion should
work. You encrypt everything that domU uses (domU's config file and
disk), but leave everything that only dom0 uses unencrypted. One easy
way to do this is by having a separate VG:
- dom0 -> VG_1 -> PV on unencrypted disk/partition
- domU -> VG_2 -> PV on encrypted disk/partition (e.g. luks)

During boot, dom0 boots just fine, but then you log in to unencrypt the
LUKS partition and manually run the commands to start all domUs.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users
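
The manual procedure described in the reply above, sketched as a shell script run on dom0 after logging in. This is an added example, not part of the original message: the device path, mapping name, config LV and mount point are assumed names (only VG_2 comes from the message), and it assumes the `xl` toolstack.

```shell
#!/bin/sh
# Assumed names; adjust to the local layout. Only VG_2 comes from the message.
LUKS_DEV="${LUKS_DEV:-/dev/sdb1}"        # partition holding the LUKS container (assumed)
MAPPER_NAME="${MAPPER_NAME:-domu_crypt}" # dm-crypt mapping name (assumed)
DOMU_VG="${DOMU_VG:-VG_2}"               # volume group used only by domUs
CFG_LV="${CFG_LV:-xencfg}"               # LV holding the domU config files (assumed)
CFG_MNT="${CFG_MNT:-/mnt/domu-cfg}"      # mount point for that LV (assumed)
DRY_RUN="${DRY_RUN:-0}"                  # 1 = print commands instead of running them

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Unlock the LUKS partition, activate the domU VG, mount the config LV.
# cryptsetup prompts for the passphrase on the terminal, so nothing that
# can unlock the guests is stored on the unencrypted dom0 disk.
unlock_domu_storage() {
    if [ ! -e "/dev/mapper/$MAPPER_NAME" ]; then
        run cryptsetup luksOpen "$LUKS_DEV" "$MAPPER_NAME" || return 1
    fi
    run vgchange -ay "$DOMU_VG" || return 1
    run mkdir -p "$CFG_MNT" || return 1
    run mount -o ro "/dev/$DOMU_VG/$CFG_LV" "$CFG_MNT"
}

# Start every guest whose config file lives on the encrypted volume.
start_domus() {
    failed=0
    for cfg in "$CFG_MNT"/*.cfg; do
        [ -e "$cfg" ] || continue          # no configs found: nothing to start
        run xl create "$cfg" || failed=1   # keep going, report failure at the end
    done
    return "$failed"
}

# Only act when asked to: ./start-domus.sh start
if [ "${1:-}" = "start" ]; then
    unlock_domu_storage && start_domus
fi
```

Running it with `DRY_RUN=1` prints the commands without touching any device, which is a safe way to check the names first.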
