1
I know PGP has an option to set a parameter so that the next reboot won't ask for the encryption password.
I thought I saw the same functionality with LUKS/cryptsetup
But, as it always happens, When I need it I cant find it.
1
I know PGP has an option to set a parameter so that the next reboot won't ask for the encryption password.
I thought I saw the same functionality with LUKS/cryptsetup
But, as it always happens, When I need it I cant find it.
3
The password prompt during reboot isn't technically provided by cryptsetup
, but by a script running within the boot-time initrd
, which then calls cryptsetup
with the password you supply.
Debian, at the very least, doesn't provide any such option, but you can modify your initrd
to do whatever you want during the boot process.
cryptsetup
has no facility for mounting a LUKS-formatted block device without a password, but it can accept a key file. This could be the basis for automatic boot without a passphrase prompt. Beware that if you store such a file on an unencrypted file system it can likely be easily recovered with undelete tools unless you badblocks
and reformat whatever device it is stored on or something similar.