| 1 |
On Sat, Apr 16, 2022 at 6:39 PM Dale <rdalek1967@×××××.com> wrote: |
| 2 |
> |
| 3 |
> Neil Bothwick wrote: |
| 4 |
> > Use /dev/disks/by/partlabel/foo or /dev/disks/by-partuuid/bar. |
| 5 |
> > |
| 6 |
> |
| 7 |
> That's even more typing than /dev/sdk. Some things I do easily by using |
| 8 |
> tab completion and all. When mounting, I let fstab remember the UUID |
| 9 |
> for it. |
| 10 |
|
| 11 |
That's what copy/paste is for. How often are you editing your |
| 12 |
crypttab anyway? This way when you move drives around they still |
| 13 |
work. |
| 14 |
|
| 15 |
> It's not like UUIDs are made to remember either. |
| 16 |
|
| 17 |
blkid is your friend. |
| 18 |
|
| 19 |
This is for config files, not random mounting/unmounting. I use the |
| 20 |
dynamic device nodes all the time if I'm just plugging a drive in and |
| 21 |
looking at it. However, if I'm going to put it in a config file I use |
| 22 |
a persistent ID so that I'm not running into breakage anytime things |
| 23 |
change. |
| 24 |
|
| 25 |
When I'm setting it up it is just a few extra seconds to look up the |
| 26 |
UUID and copy/paste it. When the system randomly breaks I have to go |
| 27 |
digging through logs and config files to figure out what went wrong. |
| 28 |
It pays for me to spend a little more time on getting my config right |
| 29 |
when everything is fresh in my head, because when I'm troubleshooting |
| 30 |
it will take a little while just to figure out what I did when I set |
| 31 |
it up. |
| 32 |
|
| 33 |
Here is an example of one of my cryptsetup files: |
| 34 |
cd1 UUID="1cbd5860-3469-41f7-8658-acd83d1957a0" /cd1.key |
| 35 |
|
| 36 |
(This is using a random key stored in a file, which works for this |
| 37 |
particular situation. Obviously the drive is only as secure as that |
| 38 |
file.) |
| 39 |
|
| 40 |
The corresponding drive blkid output is: |
| 41 |
/dev/sdb1: UUID="1cbd5860-3469-41f7-8658-acd83d1957a0" |
| 42 |
TYPE="crypto_LUKS" PARTUUID="a4a383a8-24c2-f74b-94d8-ca4ffc366327" |
| 43 |
|
| 44 |
Oh, and look at that - the first drive I set up on this system is |
| 45 |
actually the second drive that got assigned a device name. It was |
| 46 |
probably /dev/sda1 when I first set it up, and I added another drive |
| 47 |
since then. |
| 48 |
|
| 49 |
The contained drive shows up as: |
| 50 |
/dev/mapper/cd1: UUID="a2721813-4d10-4f69-ab2a-4beb0d6e95d7" TYPE="ext4" |
| 51 |
|
| 52 |
(No LVM here - this is storage for a distributed filesystem so the |
| 53 |
volume management is effectively above the filesystem level. I can |
| 54 |
add other drives to the cluster and they're in the pool, and if I want |
| 55 |
to move data off this drive I can just edit a config file and the data |
| 56 |
will be moved while online. The encryption is mainly so that if a |
| 57 |
drive fails I don't have to worry about anybody recovering data from |
| 58 |
it.) |
| 59 |
|
| 60 |
-- |
| 61 |
Rich |
Archives