You are not logged in.

#1 2020-01-14 13:15:00

pthors
Member
Registered: 2009-11-10
Posts: 5

[SOLVED] keep drive decrypted and mounted after removing thumbdrive?

Hello, I posted this in newbie corner and didn't get a response, sorry for the cross post. I have an external backup hard drive encrypted with luks that I've set to decrypt and mount automatically on boot with another USB stick plugged in (key is on the stick). When I remove the USB stick, the backup drive unmounts and encrypts itself. Is there a way to prevent encryption after I remove the USB stick? If it helps, I've used the instructions here to setup the automatic mounting: https://willhaley.com/blog/unlock-luks- … h-usb-key/

Thank you,

-patrick

Last edited by pthors (2020-01-16 01:09:00)

Offline

#2 2020-01-14 23:55:41

loqs
Member
Registered: 2014-03-06
Posts: 9,601

Re: [SOLVED] keep drive decrypted and mounted after removing thumbdrive?

I do not believe it is possible with the units created by systemd-cryptsetup-generator.  You could try overriding the units.

Offline

#3 2020-01-15 05:08:43

pthors
Member
Registered: 2009-11-10
Posts: 5

Re: [SOLVED] keep drive decrypted and mounted after removing thumbdrive?

Would it be possible to run a script after boot from the thumb drive that attempts to decrypt the drive by entering the password as if I typed it? The commands for decrypting and mounting all seems basic, I’m not sure about the part where I would simulate the keystrokes when a password is prompted.

Offline

#4 2020-01-15 07:01:55

frostschutz
Member
Registered: 2013-11-15
Posts: 882

Re: [SOLVED] keep drive decrypted and mounted after removing thumbdrive?

technically there is no reason to close an open crypt container or umount it, just because the key device was unplugged. the key is only necessary at open time.

so systemd actually jumps through hoops and does extra work when key device is removed. systemd is sometimes a bit overenthusiastic about umounting things.

it's not even possible to umount it properly, when the filesystem is still in use. not sure if systemd respects that, if so you could delay the umount by making sure it's kept busy until you don't need it.

before systemd, you'd use udev rules instead for things like this (decrypt when plugging key device). so you'd not have a crypttab entry but just a noauto fstab one.

not sure how to do it properly to make it cooperate with systemd environment. my knowledge in the systemd field is still too superficial...

Offline

#5 2020-01-15 17:16:36

pthors
Member
Registered: 2009-11-10
Posts: 5

Re: [SOLVED] keep drive decrypted and mounted after removing thumbdrive?

Thank you both for your responses. I learned with a little more searching that systemd unmounts the encrypted drive when the thumbdrive is manually removed from the usb port but will stay mounted if umount is used. I setup a script to unmount the thumbdrive after the system booted and it works now.

Thank you again.

Offline

Board footer

Powered by FluxBB