Hi, This is a tiny script running in the initrd unlocking your LUKS volumes.
Unlike the scripts provided by the cryptsetup package, this scripts runs
before Software-RAID initialization and needs no configuration when
using standard passphrase-based LUKS volumes. You'll only need to enter
your passphrase once when using it for multiple volumes.
This script is very useful when building an unencrypted Software-RAID on
top of encrypted volumes instead of doing it the other way round. This
has significant performance advantages in combination with SMP machines.
Hope this helps
Alexander Kurtz
PS: If anybody wants to distribute this, consider it GPL-2+ 'ed ;-)
==> /etc/initramfs-tools/hooks/cryptgroup <==
#!/bin/sh -e
if [ "${1}" = "prereqs" ]; then
exit 0
fi
. /usr/share/initramfs-tools/hook-functions
copy_exec /sbin/blkid
copy_exec /sbin/cryptsetup
force_load dm_crypt
==> /etc/initramfs-tools/scripts/init-premount/cryptgroup <==
#!/bin/sh -e
if [ "${1}" = "prereqs" ]; then
exit 0
fi
for uuid in `blkid -o value -s UUID -t TYPE=crypto_LUKS`; do
for try in 1 2 3; do
for passphrase in "${@}"; do
echo "${passphrase}" | cryptsetup luksOpen
"/dev/disk/by-uuid/${uuid}" "${uuid}-plain" && break 2
done
read -p "Enter passphrase for UUID=${uuid}: " -s passphrase;
echo
set -- "${passphrase}" "${@}"
done
done
signature.asc
Description: This is a digitally signed message part
