ArchLinux - System Encryption with a keyfile on a external flashdrive/CD/USB:
Script for the arch-linux - full system encryption with a keyfile on a external drive.
Script for the arch-linux - full system encryption with a keyfile on a external drive.
#!/bin/bashmodprobe dm_modcryptsetup -c aes-xts-plain -s 512 luksFormat /dev/sda2 /mnt/USB/keyfile.jpgcryptsetup -d /mnt/USB/keyfile.jpg luksOpen /dev/sda2 rootcryptmkfs -t ext4 /dev/mapper/rootcryptmkfs -t ext4 /dev/sda1mkdir /mnt/bootmount /dev/sda1 /mnt/bootmount /dev/mapper/rootcrypt /mntpacstrap -i /mnt base base-develgenfstab -p /mnt > /mnt/etc/fstabarch-chroot /mntbashcd //bootpacman -S syslinuxnano /etc/syslinux/syslinux.cfg//append the keyfile path//cryptdevice=/dev/sda2:rootcrypt root=/dev/mapper/rootcrypt ro cryptkey=/dev/disk/by-label/USB:vfat:keyfile.jpgnano /etc/mkinitcpio.conf//add encrypt hook //MODULES="dm_mod vfat ext4"HOOKS=base udev block autodetect encrypt filesystems//Save the file and exit//syslinux-install_update -isyslinux-install_update -asyslinux-install_update -mnano /etc/hostnamepasswdln -s /usr/share/zoneinfo/America/New_York /etc/localtimenano /etc/locale.genLANG="en_US.UTF-8"//Save and exit the file//nano /etc/locale.conf//Uncomment the en_US.UTF-8 line////Save and exit the file//exitexitmkinitcpio -p linuxumount /dev/sda1reboot
No comments:
Post a Comment