Mdthbs

Is there a need for better software for writers?

Pre-1993 comic in which Wolverine's claws were turned to rubber?

What does this quote in Small Gods refer to?

Are there non-military uses of 20%-enriched Uranium?

How are one-time password generators like Google Authenticator different from having two passwords?

How did Thanos not realise this had happened at the end of Endgame?

Why did they go to Dragonstone?

Watching the game, having a puzzle

How to make a language evolve quickly?

Is every story set in the future "science fiction"?

Is it a good idea to copy a trader when investing?

Passport stamps art, can it be done?

Why are parallelograms defined as quadrilaterals? What term would encompass polygons with greater than two parallel pairs?

What was the notion of limit that Newton used?

What is the name of meteoroids which hit Moon, Mars, or pretty much anything that isn’t the Earth?

Why is it wrong to *implement* myself a known, published, widely believed to be secure crypto algorithm?

My perfect evil overlord plan... or is it?

Does the 500 feet falling cap apply per fall, or per turn?

Why do Thanos' punches not kill Captain America or at least cause vital wounds?

Is this state of Earth possible, after humans left for a million years?

Is it nonsense to say B -> [A -> B]?

Was Mohammed the most popular first name for boys born in Berlin in 2018?

Why should password hash verification be time constant?

Renting a house to a graduate student in my department

Addressing USB-Stick by UUID as kernel parameter in grub.cfg

Using space before 1st partition of USB-Stick as luks keyDual Boot Linux and Windows 7 with GRUBUBS-Stick with Arch is no longer bootable after Win8 has been bootedIs Easy-to-use Multi-factor Full Disk Encryption Available?Ubuntu Server 16.04.3LTS Squashfs as root from GrubResizing Linux partition backwardsVirtualbox VMDK to bootable usb stick not workingUbuntu 18.04 LUKS boot problemsGRUB doesn't boot copied Linux installSetting Kernel parameters when grub.cfg is on another distroUsing space before 1st partition of USB-Stick as luks key

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

0

I'm using Arch Linux and setting up an USB-Stick as decryption key for my luks-encrypted root partition (boot is unencrypted). I described it already in this question.

Now, the key, that's used for dm-crypt is actually stored before the first partition on the stick, created this way:

sudo dd if=tempKey.bin of=/dev/sdd bs=512 seek=1 count=6

thus, 3072 are written into sector 1..6 (zero indexed). When I use the following kernel parameter in grub.cfg it works:

cryptkey=/dev/sdd:512:3072

But I cannot rely on that stick always being mapped to sdd, thatswhy even Arch-Wiki recommends using the disks ID, namely:

cryptkey=/dev/disk/by-id/$ID_OF_USB_STICK$:512:3072

BUT: USB-Sticks are getting IDs that contain colons and so the device is not found on boot, even if I try to escape the colon with a backslash. The system always seems to look for the ID before the colon.

Using cryptkey=UUID=... would only work, if I use space/sector inside a partition, not before or between.

So, I'm really stuck here. Someone any suggestions, how to solve this without rely on sdX and the possibility to accidentally overwrite/delete the key by putting it inside a partition? Would it be an option to manipulate rules.d of udev to change the way the IDs(and symlinks) for USB-Sticks are created?

arch-linux grub luks dm-crypt kernel-parameters

share|improve this question

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

0

I'm using Arch Linux and setting up an USB-Stick as decryption key for my luks-encrypted root partition (boot is unencrypted). I described it already in this question.

Now, the key, that's used for dm-crypt is actually stored before the first partition on the stick, created this way:

sudo dd if=tempKey.bin of=/dev/sdd bs=512 seek=1 count=6

thus, 3072 are written into sector 1..6 (zero indexed). When I use the following kernel parameter in grub.cfg it works:

cryptkey=/dev/sdd:512:3072

But I cannot rely on that stick always being mapped to sdd, thatswhy even Arch-Wiki recommends using the disks ID, namely:

cryptkey=/dev/disk/by-id/$ID_OF_USB_STICK$:512:3072

BUT: USB-Sticks are getting IDs that contain colons and so the device is not found on boot, even if I try to escape the colon with a backslash. The system always seems to look for the ID before the colon.

Using cryptkey=UUID=... would only work, if I use space/sector inside a partition, not before or between.

So, I'm really stuck here. Someone any suggestions, how to solve this without rely on sdX and the possibility to accidentally overwrite/delete the key by putting it inside a partition? Would it be an option to manipulate rules.d of udev to change the way the IDs(and symlinks) for USB-Sticks are created?

arch-linux grub luks dm-crypt kernel-parameters

share|improve this question

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I'm using Arch Linux and setting up an USB-Stick as decryption key for my luks-encrypted root partition (boot is unencrypted). I described it already in this question.

Now, the key, that's used for dm-crypt is actually stored before the first partition on the stick, created this way:

sudo dd if=tempKey.bin of=/dev/sdd bs=512 seek=1 count=6

thus, 3072 are written into sector 1..6 (zero indexed). When I use the following kernel parameter in grub.cfg it works:

cryptkey=/dev/sdd:512:3072

But I cannot rely on that stick always being mapped to sdd, thatswhy even Arch-Wiki recommends using the disks ID, namely:

cryptkey=/dev/disk/by-id/$ID_OF_USB_STICK$:512:3072

BUT: USB-Sticks are getting IDs that contain colons and so the device is not found on boot, even if I try to escape the colon with a backslash. The system always seems to look for the ID before the colon.

Using cryptkey=UUID=... would only work, if I use space/sector inside a partition, not before or between.

So, I'm really stuck here. Someone any suggestions, how to solve this without rely on sdX and the possibility to accidentally overwrite/delete the key by putting it inside a partition? Would it be an option to manipulate rules.d of udev to change the way the IDs(and symlinks) for USB-Sticks are created?

arch-linux grub luks dm-crypt kernel-parameters

share|improve this question

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 4 hours ago

Andreas H.Andreas H.

1084

New contributor

Andreas H. is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 4 hours ago

Andreas H.Andreas H.

1084