[dundee] Raid 1 + Encryption
Lee Hughes
toxicnaan at yahoo.co.uk
Thu Feb 5 14:03:26 UTC 2009
it's a bug in the installer all right, after fiddling with it, I got some sense out of it, and it's installed, everything looks good so far ;-).
Create two partions on hda
/dev/sda1 82.1mb RAID
/dev/sda2 8.5GB RAID
/dev/sdb1 82.1mb RAID
/dev/sdb2 8.5GB RAID
create two raid devices
md0 - RAID 1 (sda1/sdb1)
md1 - RAID 1 (sda2/sdb2)
then set md0 to ext2 and mount /boot (this can't be encrypted due to chicken and egg)
set md1 as LVM PV
create LVM VG , call it say VG0 and add md1 to it.
create 2 LV's within VG0
swap = LVSWAP (1.1GB)
root = LVROOT (7.4GB)
set LVSWAP to type encrypted
set LVROOT to type encrypted
(at this point *don't* choose random keys, else the installer takes a nose dive (hangs))
VG0-LVROOT_crypt - set it ext3 with mount point /
VG0-LVSWAP_crypt - make it swap
you may have to set md0 (raid device #0) to ext 2 and mount point /boot
(the installer seems to forget this!!)
okay you should have something looking like this.
http://img155.imageshack.us/my.php?image=lvmrootdz1.png
and that's it., is that right, it certainly seem to work.
I hope helps someone out there, because there is very little documentation out
there that makes any sense?
now, I believe there is some way to encrypt the initrd also... but this will do for now?
I'm not sure of the value of that, I mean, initrd , it's not exactly worth protecting.
Cheers,
Lee
--- On Wed, 4/2/09, Lee Hughes <toxicnaan at yahoo.co.uk> wrote:
From: Lee Hughes <toxicnaan at yahoo.co.uk>
Subject: Re: [dundee] Raid 1 + Encryption
To: "Tayside Linux User Group" <dundee at lists.lug.org.uk>, "Sean McRobbie" <lug at seany.us>
Date: Wednesday, 4 February, 2009, 5:12 PM
okay, I wish you could remember because this is driving me nuts.
I'm thinking it's a bug in the installer, because I can find very little information
on making the installer do this. :-(
darn.. it..
--- On Wed, 4/2/09, Sean McRobbie <lug at seany.us> wrote:
From: Sean McRobbie <lug at seany.us>
Subject: Re: [dundee] Raid 1 + Encryption
To: toxicnaan at yahoo.co.uk, "Tayside Linux User Group" <dundee at lists.lug.org.uk>
Date: Wednesday, 4 February, 2009, 4:11 PM
Hello,
The alternate install CD for Ubuntu Server provides RAID+LVM+LUKS. I have
successfully set up plenty of Ubuntu servers using nothing more than their
installer for RAID1 drives.
With the installer, I
*think* the process goes like this:
Create 256mb raid disk md0 on drive 1
Create 256mb raid disk md0 on drive 2
Create 2GB swap on drive 1
Create 2GB swap on drive 2
Create raid disk md1 on remaining space on both drives
Create /boot on md0 as ext2
Create LVM on md1
(my memory fails at this point) Create ext3 LUKS on the LVM.
Hope this helps
Regards,
Sean McRobbie
----- Original Message -----
From: "Lee Hughes" <toxicnaan at yahoo.co.uk>
To: dundee at lists.lug.org.uk
Sent: Wednesday, 4 February, 2009 14:13:06 GMT +00:00 GMT Britain, Ireland,
Portugal
Subject: [dundee] Raid 1 + Encryption
okay, now here's a question for you..
after following the *excellent guide here*
http://advosys.ca/viewpoints/2007/04/setting-up-software-raid-in-ubuntu-server/
I got a very good raid 1 setup, it's suprising stable and quick.
However , how does one add
encrypted raid 1? is it possible ? I'm sure
it's out
the power of the normal install....
go an scare me with a config or two..
Cheers,
Lee
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20090205/9f1a1692/attachment.htm
More information about the dundee
mailing list