https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration
Need to have normal ext4 boot partition, vfat EFI partition, and an encrypted partition.
Kernel boot image must have dmcrypt support:
/etc/mkinitcpio.conf
...
HOOKS=(base udev autodetect keymap modconf block encrypt filesystems keyboard fsck)
...
/etc/default/grub:GRUB_CMDLINE_LINUX="cryptdevice=UUID=88.-..888:cryptroot:allow-discards"
/etc/fstab:
# /dev/mapper/cryptroot
UUID=111-11-... / ext4 rw,noatime 0 0
# /dev/nvme0n1p6
UUID=222-22-... /boot ext4 rw,relatime 0 0
# /dev/nvme0n1p2
UUID=333.. /boot/efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro
0 0
No comments:
Post a Comment