| 1 |
On 31/12/15 09:15, Jeremi Piotrowski wrote: |
| 2 |
> On Thu, Dec 31, 2015 at 07:45:29AM +1000, Hans wrote: |
| 3 |
>> I can't follow Sakaki's_EFI_Install_Guide. The system will run in |
| 4 |
>> VirtualBox and only have BIOS. No UEFI, EFI, USB stick as boot or key disk. |
| 5 |
> |
| 6 |
> You should still atleast read the guide to figure out how to get the |
| 7 |
> encryption part right. You can skip the USB stuff and fallback to BIOS |
| 8 |
> equivalents of EFI concepts. |
| 9 |
> |
| 10 |
>> I just have to find a way to get the same result using Gentoo with |
| 11 |
>> OpenRC and if possible without LVM. Entering the pass phrase several |
| 12 |
>> times is no problem. |
| 13 |
> |
| 14 |
> The steps are more or less the following: |
| 15 |
> |
| 16 |
> 1. cryptsetup your whole device |
| 17 |
> 2. mkfs |
| 18 |
> 3. chroot |
| 19 |
> 4. install grub with device-mapper flag |
| 20 |
> 5. install dracut and cryptsetup. |
| 21 |
> 6. add GRUB_ENABLE_CRYPTODISK=y to /etc/default/grub |
| 22 |
> 7. grub2-install |
| 23 |
> 8. set 'hostonly="yes"' in /etc/dracut.conf OR add the output of |
| 24 |
> `dracut --print-cmdline` to GRUB_CMDLINE_LINUX_DEFAULT in |
| 25 |
> /etc/default/grub |
| 26 |
> 9. grub2-mkconfig -o /boot/grub/grub.cfg |
| 27 |
> 10. dracut --regenerate-all |
| 28 |
> |
| 29 |
> Somewhere between step 3 and 10 you need to build the kernel with atleast the |
| 30 |
> dm_crypt module. This will lead to you having to enter the password twice - |
| 31 |
> once when grub starts and once when the initramfs is setting up /. |
| 32 |
> |
| 33 |
> Check the arch wiki article on the topic [1] for more info, but don't |
| 34 |
> blindly trust the boot loader part because that is specific to arch's |
| 35 |
> initramfs generator. |
| 36 |
> |
| 37 |
> [1]: https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system |
| 38 |
> |
| 39 |
> |
| 40 |
|
| 41 |
I have a working VM with Gentoo on LVM on top of LUKS. Works fine in |
| 42 |
change root, Just can't get it to boot. Probably somewhere missed |
| 43 |
something. Will start from scratch using your 10 steps with dracut |
| 44 |
instead of genkernel. |
| 45 |
|
| 46 |
Have a nice New Year |
| 47 |
Hans |
Archives