this post was submitted on 19 Mar 2024
267 points (97.8% liked)

Linux

48209 readers
713 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

[Image description:
Screenshot of terminal output:

~ ❯ lsblk
NAME           MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda              8:0    1  62.5M  0 disk  
└─topLuks      254:2    0  60.5M  0 crypt 
  └─bottomLuks 254:3    0  44.5M  0 crypt

/end image description]

I had no idea!

If anyone else is curious, it's pretty much what you would expect:

cryptsetup -y -v luksFormat /dev/sda
cryptsetup open /dev/sda topLuks
cryptsetup -y -v luksFormat /dev/mapper/topLuks
cryptsetup open /dev/mapper/topLuks bottomLuks
lsblk

Then you can make a filesystem and mount it:

mkfs.ext4 /dev/mapper/bottomLuks
mount /dev/mapper/bottomLuks ~/mnt/embeddedLuksTest

I've tested putting files on it and then unmounting & re-encrypting it, and the files are indeed still there upon decrypting and re-mounting.

Again, sorry if this is not news to anyone else, but I didn't realise this was possible before, and thought it was very cool when I found it out. Sharing in case other people didn't know and also find it cool :)

you are viewing a single comment's thread
view the rest of the comments
[–] Goun@lemmy.ml 5 points 8 months ago (1 children)

If you think about, it makes sense, but I didn't know this! Really cool indeed - do you have any use case for that or you were just poking around?

[–] communism@lemmy.ml 6 points 8 months ago (2 children)

I have an SSD and an HDD—I was considering on my next distro hop to put the root partition on the SSD and home partition on the HDD, decrypt the SSD and top level of the HDD upon boot, then decrypt the bottom level of the HDD upon user login. I'm sure many will think that's overkill or silly, but hey, if you have full disk encryption you'll have to enter two passwords to get into your computer anyway, just means your personal files get protected with two passwords. I would agree it's mostly gimmicky but I still want to try it out lol

[–] Goun@lemmy.ml 1 points 8 months ago (1 children)

Amazing! How do you setup the decryption on login? systemd-home or something like that?

[–] communism@lemmy.ml 2 points 8 months ago (1 children)

pam_mount. Arch wiki also suggests pam-exec although their explanation uses systemd (I'm using runit).

[–] Goun@lemmy.ml 3 points 8 months ago

Fancy! TIL about pam_mount. Thanks, comrade!

[–] possiblylinux127@lemmy.zip 1 points 8 months ago (1 children)

Wouldn't it be easier to just use a longer password and or a longer hash

[–] communism@lemmy.ml 1 points 8 months ago

Yes, it would. But it's less fun lol