Proper way to unlock drive using keyfile on /boot?

asked 2016-09-25 05:41:15 -0500

updated 2016-09-27 04:33:38 -0500

Ideal scenario:

  • /boot is on an external USB.
  • encrypted keyfile is located on /boot.
  • on startup, user is prompted to enter password to decrypt keyfile in order to unlock drive.

What is the proper way of achieving this on Fedora?

On Debian it was a simple matter of editing the "/etc/crypttab" file and using "keyscript", adding the key to the luks keychain and rebuilding initramfs.

edit retag flag offensive close merge delete