Enable Encrypted Partitions for LS-VL

From NAS-Central Buffalo - The Linkstation Wiki
Revision as of 19:18, 10 May 2011 by Lsuser1985 (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page is work in progress. While all relevant information is already present, the description is not yet complete. Please have a look here again in a few days.

Contents

What will you get?

This how-to guides you to set up Encrypted Partitions for LW-VL using dm-crypt / LUKS. Partitions may even be on a RAID.


What you need beforehand

You have to be able to use the root account on the NAS. You can follow Open Stock Firmware LS-VL.

The Guide

  1. Check whether the kernel support dm_crypt (kernel 2.6.31.8 from Firmware 1.40 and 1.41 is known to be okay.)
# grep dm_crypt /proc/kallsyms
c0021f74 t dm_crypt_init
c0027e74 t __initcall_dm_crypt_init6
c033bbd0 t dm_crypt_bio_destructor
  1. Install the package cryptsetup
apt-get install cryptsetup
  1. Follow the instructions at <http://en.gentoo-wiki.com/wiki/Root_filesystem_over_LVM2,_DM-Crypt_and_RAID> to setup the encryption.
  2. Set up an Initrd for Raid-Boot, using linuxrc-cryptsetup.txt shown at that page.
  3. Install this initrd to /boot and reboot.

Todo

  • Describe a working way to enter the key via network since LS-VL does not have a serial console connector.