From Fedora Project Wiki
(New page: == Description == Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated...) |
m (internal link cleaning) |
||
| Line 5: | Line 5: | ||
References: | References: | ||
# [ | # [[Anaconda/Features/EncryptedBlockDevices#Test_Plan|Anaconda/Features/EncryptedBlockDevices]] | ||
# [ | # [[Releases/FeatureEncryptedFilesystems|Releases/FeatureEncryptedFilesystems]] | ||
== Steps To Reproduce == | == Steps To Reproduce == | ||
* Boot anaconda | * Boot anaconda | ||
Latest revision as of 22:05, 17 September 2016
Description
Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.
When selecting the "Encrypt System" checkbox in anaconda, it is necessary to prompt the user for a passphrase to use for the encrypted filesystem.
References:
Steps To Reproduce
- Boot anaconda
- Proceed to the disk druid partitioning screen
- For the desired non-root fs partition, select the checkbox item "Encrypt" to select filesystem encryption
- Enter and confirm the passphrase in a pop up dialog for the encrypted filesystem
- continue with installation
Expected Results
- Confirmed "Encrypt system" item is checked
- Confirm able to enter and confirm the passphrase in the pop up dialog
- Verify installation completes successfully
- Upon reboot, the user is asked for the LUKS passphrase at the console
- Verify entry in /etc/crypttab is present for LUKS device
/etc/crypttab may look something like:
luks-VolGroup00-LogVol00 /dev/mapper/VolGroup00-LogVol00 none