I can’t find any information about the technical details involved in the LVM encryption that I used during install.
Since I want to fine tune the encryption and make use of the AES-NI instruction I would like to determine what is used during the installation, and whether I need to manually create and tune the partitions.
-----BEGIN PGP SIGNED MESSAGE-----
This may be a useful starting place.
Want to yell at me in person?
Come in October: http://tinyurl.com/brainshare2011
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
As far as I know, it uses LUKS, which in turn uses dm-crypt. You can use google to find more information on those.
The encryption is setup via the “cryptsetup” command, so
will give you information on what options are available if you decide to setup encryption yourself. You presumably do that setup by booting a live CD, after which you would have to reinstall.
It is possible, however, that you don’t need to reinstall. You might only need to make sure that the padlock-sha and/or padlock-aes kernel modules are loaded. You could perhaps experiment with using those with mounting your LVM from a live CD boot. If that will solve the problem, then you would presumably need to remake the initrd that is used to load modules during boot.
And where is the relevant information? I can’t find anything regarding the technical details. All I found is just trivial user documentation with no details whatsoever.
On 2011-07-09 13:36, Let Me Be wrote:
> Since I want to fine tune the encryption and make use of the AES-NI
> instruction I would like to determine what is used during the
> installation, and whether I need to manually create and tune the
You can find out the used system by running “file -s /dev/device” on the
device holding your filesystem. Then, going further and knowing the
technical details is difficult.
> http://encryptionhowto.sourceforge.net/ (Last modified: Oct 04, 2000. )
> http://en.opensuse.org/Encrypted_Root_File_System <===
> http://www.suse.de/~lnussel/hdencryption/hdencryption.html <--- the suse way
> http://luks.endorphin.org/ (LUKS - Linux Unified Key Setup )
> http://www.saout.de/tikiwiki/tiki-index.php (Welcome to the dm-crypt wiki)
> http://www.saout.de/tikiwiki/tiki-index.php?page=LUKS (Linux Unified Key Setup)
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)