[CentOS] LVM encryption and new volume group
Tim
lists at kiuni.de
Fri Mar 6 05:25:32 UTC 2015
Hi Chris,
thanks for your answer.
It is the first time I decided to encrypt my lvm. I choosed to encrypt the volume group, not every logical volume itself, because in case of doing lvm snapshots in that group they will be encrypted too?
And how do I create a new encrypted volume group?
Regards
Tim
Am 6. März 2015 01:58:23 MEZ, schrieb Chris Murphy <lists at colorremedies.com>:
>On Thu, Mar 5, 2015 at 2:09 PM, Tim <lists at kiuni.de> wrote:
>> Hello list,
>>
>> I bought a Thinkpad T420 and installed CentOS 7 recently.
>>
>> I choosed to use lvm encryption for the entire volume group. It works
>so far.
>>
>> But now I am planning to install a second hard disk. My thought is to
>create a new volume group on this additional disk.
>>
>> But how can I integrate/do this according to the existing encryption
>so that it will be decrypted by the same passphrase I use at startup?
>
>http://linux.die.net/man/5/crypttab
>
>When you create a new entry in crypttab, you can use the 3rd field to
>point to a file that contains the passphrase for this new LUKS volume.
>In effect, one passphrase gives access to both drives.
>
>So there's a pro con here. Pro is that you could actually opt for a
>completely different passphrase for the 2nd drive, but never have to
>directly type it in. The con is that should you forget this
>passphrase, and its only location is on the primary drive that's
>already encrypted and that drive dies - then anything on the 2nd drive
>cannot be decrypted. Oops. So be careful of that.
>
>
>--
>Chris Murphy
>_______________________________________________
>CentOS mailing list
>CentOS at centos.org
>http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list