Comment 0 for bug 1634310

Revision history for this message
Alexander Chepurko (alexander-chepurko) wrote :

For the life of me I cannot get the parameter crypt:dev=/dev/vdb to work in /etc/overlayroot.conf.

I have tried the line

overlayroot=crypt:dev=/dev/vdb,pass=somepass,mkfs=0

Which works when I create the LUKS device ahead of time, and set the passphrase 'somepass'. But when I try

overlayroot=crypt:dev=/dev/vdb,mkfs=1

or just

overlayroot=crypt:dev=/dev/vdb

I get no overlay after reboot. I have also tried the "debug=1" parameter and I'm not getting any debug output either. Where are the logs and/or where should I be able to see the debug output?

As Dustin has so eloquently documented, it defeats the privacy of your encryption if you have to specify the passphrase in clear text in your unencrypted read-only directory. So the only way I will be using this is if I can use the simple "overlayroot=crypt:dev=/dev/vdb" one-liner and have the passphrase generated automatically on boot.