Hi Chris, thanks for your answer. It is the first time I decided to encrypt my lvm. I choosed to encrypt the volume group, not every logical volume itself, because in case of doing lvm snapshots in that group they will be encrypted too? And how do I create a new encrypted volume group? Regards Tim Am 6. März 2015 01:58:23 MEZ, schrieb Chris Murphy <lists at colorremedies.com>: >On Thu, Mar 5, 2015 at 2:09 PM, Tim <lists at kiuni.de> wrote: >> Hello list, >> >> I bought a Thinkpad T420 and installed CentOS 7 recently. >> >> I choosed to use lvm encryption for the entire volume group. It works >so far. >> >> But now I am planning to install a second hard disk. My thought is to >create a new volume group on this additional disk. >> >> But how can I integrate/do this according to the existing encryption >so that it will be decrypted by the same passphrase I use at startup? > >http://linux.die.net/man/5/crypttab > >When you create a new entry in crypttab, you can use the 3rd field to >point to a file that contains the passphrase for this new LUKS volume. >In effect, one passphrase gives access to both drives. > >So there's a pro con here. Pro is that you could actually opt for a >completely different passphrase for the 2nd drive, but never have to >directly type it in. The con is that should you forget this >passphrase, and its only location is on the primary drive that's >already encrypted and that drive dies - then anything on the 2nd drive >cannot be decrypted. Oops. So be careful of that. > > >-- >Chris Murphy >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos