
Given 3 identical drives partitioned for an Ubuntu 20.04 install as follows (swap and /home are on separate LUKS volumes to share with another Linux install on sda3/4):

Partition    Format          Mount Point
/dev/sda1    ext4            /boot
/dev/sda2    luks/ext4       /
/dev/sda3    (Unused)
/dev/sda4    (Unused)
/dev/sda5    luks/swap       swap
/dev/sdb     RAID 1 Member
/dev/sdc     RAID 1 Member
/dev/md0p1   luks/ext4       /home

  1. This guide is great for setting up LUKS, but only uses a single encrypted volume for / and swap. Is there a way to configure /etc/crypttab so that a single password is required to unlock /dev/sda2, which in turn will contain keys for unlocking /dev/sda5 and /dev/md0p1 automatically, instead of entering 3 passwords on boot?

  2. If RAID 1 is set up across /dev/sdb and /dev/sdc to create /dev/md0 with mdadm before entering the Ubuntu installer, how can Ubuntu be configured to assemble the RAID volume on boot for mounting /home?

fedora
  • 131

1 Answer

  1. For each LUKS volume, generate a new keyfile in /etc/luks-keys, add it to the LUKS volume header with cryptsetup luksAddKey, and add the path to the keyfile to the /etc/crypttab entry for the volume.

  2. Couldn't figure this out in the live boot or installer. Ended up being much easier to install without a designated /home mount point, then boot into the new Ubuntu install and configure things from there, i.e. set up the mdadm array, configure assembly on boot, and add it to /etc/fstab as the /home mount point.

fedora
  • 131
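
The keyfile procedure from step 1 of the answer, sketched as an added shell example that is not part of the original answer. The mapping names `swap_crypt` and `home_crypt`, the 4096-byte key size, the `luks` option and the helper function names are assumptions; the devices are the ones from the question. The keyfiles are only protected at rest because they live on the encrypted root volume (/dev/sda2).

```sh
#!/bin/sh
# Added example: keyfile enrollment for secondary LUKS volumes.
# KEYDIR follows the answer; everything else named here is an assumption.
KEYDIR="${KEYDIR:-/etc/luks-keys}"

# Create a 4096-byte random keyfile (mode 0400) and print its path.
# Refuses to overwrite an existing key, which would lock out the volume
# the next time the old key slot is removed.
make_keyfile() {
    keyfile="$KEYDIR/$1.key"
    mkdir -p "$KEYDIR" && chmod 700 "$KEYDIR" || return 1
    if [ -e "$keyfile" ]; then
        echo "refusing to overwrite $keyfile" >&2
        return 1
    fi
    # Subshell keeps the restrictive umask local to the write.
    ( umask 077; dd if=/dev/urandom of="$keyfile" bs=512 count=8 2>/dev/null ) || return 1
    chmod 400 "$keyfile"
    printf '%s\n' "$keyfile"
}

# Format one /etc/crypttab line: <name> <source> <keyfile> <options>.
# Using UUID= keeps the entry valid if device names change between boots.
crypttab_line() {
    printf '%s UUID=%s %s %s\n' "$1" "$2" "$3" "${4:-luks}"
}

# Generate a key, add it to a free key slot (cryptsetup prompts for an
# existing passphrase), then append the crypttab entry. Run as root from
# the installed system, where / is the unlocked /dev/sda2.
enroll_volume() {
    name="$1"; dev="$2"
    keyfile=$(make_keyfile "$name") || return 1
    cryptsetup luksAddKey "$dev" "$keyfile" || return 1
    uuid=$(cryptsetup luksUUID "$dev") || return 1
    crypttab_line "$name" "$uuid" "$keyfile" >> /etc/crypttab
}

# Usage (as root), with the devices from the question:
#   enroll_volume swap_crypt /dev/sda5
#   enroll_volume home_crypt /dev/md0p1
#   update-initramfs -u
```

The original passphrase stays in its key slot on each volume, so the volumes can still be opened by hand if the keyfiles are lost.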