You are not logged in.
I've been debating whether or not to make my luks key visible on my usb drive. The disadvantage of having it visible is anybody could edit it, and I wouldn't be able to get back onto my pc. On the other hand, if it's hidden (stored between mbr and first partition), and the usb key becomes corrupt or destroyed, I would lose the key. Then again, that would happen with a visible file as well... Also, since it's the Corsair Survivor, I'm hoping the likelihood of it being physically destroyed has been minimized.
In any event, I'm still trying to debate which one I want to do. Am I overlooking something that could convince me to go with either method?
Last edited by Berticus (2009-08-10 19:12:24)
Offline
I would personally have it hidden, but also have it backed up somewhere.
Offline
IIRC, you can set more than one concurrent password with luks. Use a hidden key but set a "manual" password in case your usb key becomes corrupt.
(lambda ())
Offline
Thanks for the suggestion. Also, how do I determine the offset?
Offline
Offline
http://wiki.archlinux.org/index.php/LUK … _partition
Now you have to add a kernel parameter in your menu.lst (Grub), it should look something like this:
kernel /vmlinuz26 root=/dev/hda3 ro vga=791 cryptkey=/dev/usbstick:2048:2048
Format for the cryptkey option:
cryptkey=BLOCKDEVICE:OFFSET:SIZE
I also have grub on the mbr
Offline