You are not logged in.
- Topics: Active | Unanswered
#1 2015-09-10 19:02:11
- mprelude
- Member
- Registered: 2015-09-10
- Posts: 2
Move /home & /var to a second encrypted device?
I have an installed & working system with three hard drives:
- 1x 256GB SSD with /boot and encrypted lvm partition (has root and swap).
- 2x 1TB SATA drives in hardware RAID-1.
I'm running Syslinux, which handles decrypting the /dev/sda1 partition and setting it to the filesystem root.
What I want to do is create another encrypted lvm on the RAID array, have it decrypt at load time (preferably without an extra passphrase needing to be entered) and mount two partitions on it to /home & /var.
So, my questions are:
- What's the best way to set this up to work seamlessly?
- What's the best way to copy the files over from /var & /home to the RAID array and make sure I don't lose anything (softlinks, hidden files, permissions etc)?
Last edited by mprelude (2015-09-10 19:03:42)
Offline
#2 2015-09-10 21:36:24
- byte
- Member
- From: Düsseldorf (DE)
- Registered: 2006-05-01
- Posts: 2,046
Re: Move /home & /var to a second encrypted device?
- https://wiki.archlinux.org/index.php/Dm … m#Crypttab (with a LUKS keyfile on the SSD to skip manual passphrase input)
- https://wiki.archlinux.org/index.php/Fu … with_rsync ('rsync -aHAX' being the main takeaway)
I'm not 100% sure about systemd/journald having /var not directly accessible, but at least /home should be no problem.
1000
Offline