From Fedora Project Wiki

< QA‎ | TestCases

Revision as of 13:20, 11 August 2008 by Mganisin (talk | contribs) (New page: == Description == Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.

When selecting the "Encrypt System" checkbox in anaconda, it is necessary to prompt the user for a passphrase to use for the encrypted filesystem.

References:

  1. Anaconda/Features/EncryptedBlockDevices
  2. Releases/FeatureEncryptedFilesystems

Steps To Reproduce

  • Boot anaconda
  • Proceed to the disk druid partitioning screen
  • For the rootfs partition, select the checkbox item "Encrypt" to select filesystem encryption
  • Enter and confirm the passphrase in a pop up dialog for the encrypted filesystem
  • continue with installation

Expected Results

  • Confirmed "Encrypt system" item is checked
  • Confirm able to enter and confirm the passphrase in the pop up dialog
  • Verify installation completes successfully
  • Upon reboot, the user is asked for the LUKS passphrase at the console
  • Verify entry in /etc/crypttab is present for LUKS device


/etc/crypttab may look something like: 

luks-VolGroup00-LogVol00 /dev/mapper/VolGroup00-LogVol00 none
Retrieved from "https://fedoraproject.org/w/index.php?title=QA/TestCases/LUKS_Enter_Passphrase_(root_filesystem)&oldid=44394"