Enable Encrypted Partitions for LS-VL
This page is work in progress. While all relevant information is already present, the description is not yet complete. Please have a look here again in a few days.
What will you get?
This how-to guides you to set up Encrypted Partitions for LW-VL using dm-crypt / LUKS. Partitions may even be on a RAID.
What you need beforehand
You have to be able to use the root account on the NAS. You can follow Open Stock Firmware LS-VL.
- Check whether the kernel support dm_crypt (kernel 220.127.116.11 from Firmware 1.40 and 1.41 is known to be okay.)
# grep dm_crypt /proc/kallsyms c0021f74 t dm_crypt_init c0027e74 t __initcall_dm_crypt_init6 c033bbd0 t dm_crypt_bio_destructor
- Install the package cryptsetup
apt-get install cryptsetup
- Follow the instructions at <http://en.gentoo-wiki.com/wiki/Root_filesystem_over_LVM2,_DM-Crypt_and_RAID> to setup the encryption.
- Set up an Initrd for Raid-Boot, using linuxrc-cryptsetup.txt shown at that page.
- Install this initrd to /boot and reboot.
- Describe a working way to enter the key via network since LS-VL does not have a serial console connector.