7

TrueCrypt on Windows can auto mount volumes that use the same passphrase as the boot volume. You enter the passphrase only once. Is there a way to do this with LUKS?

Background: I'm currently migrating from Windows to Ubuntu. I set up Ubuntu 11.10 with LUKS full disk encryption. I use a second hard drive that is still a TrueCrypt NTFS volume. I want to change that.

user50910
  • 315
  • possible duplicate of Mount a LUKS partition at boot – Panther Mar 17 '12 at 13:20
  • "possible duplicate of Mount a LUKS partition at boot" Not really, with that method you still have to enter your passphrase once for each disk. – user50910 Mar 17 '12 at 16:21
  • Yes you have to enter a password for each disk. If you want to enter a single password, use LVM. – Panther Mar 17 '12 at 17:20
  • How exactly would this be done with LVM? Is there a specific howto on adding an addition drive to a logical volume? (responding to bodhi.zazen's last comment) –  Apr 30 '12 at 15:55
  • 1
    Contrary to what has already been said, you CAN use password files that are on the first encrypted volume. – RobotHumans Sep 05 '12 at 23:32
  • It's in part of this answer if you're in a hurry, http://unix.stackexchange.com/questions/36434/install-backtrack-5-r2-into-running-luks-setup-installed-with-ubuntu/36490#36490 – RobotHumans Sep 06 '12 at 00:13
  • Now with SSD + Hard drive in my laptop, I'm in the same situation. It's possible using a keyfile as mentioned here. Will investigate soon probably and post as an answer if I succeed. – gertvdijk Sep 19 '12 at 23:56

1 Answers1

6

You can use the decrypt_keyctl keyscript to securely cache the passphrase when mounting multiple encrypted volumes. The README describes how to do this on boot; there are some caveats with workarounds described in bug 1022815.

This should allow auto mounting of multiple encrypted volumes at boot with only one passphrase prompt. The same keyctl mechanism could be used to arrange the automounting of other volumes after boot time, but I'm not aware of a full solution.

Robie Basak
  • 15,670