logo

blog

My website can't be that messy, right? git clone https://hacktivis.me/git/blog.git
commit: 3aad452235d4f10693999899517d9fd8d2377ed5
parent 7c4b1745eacee2e8cced434fe358b6f32e55a03d
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Mon,  6 Jul 2020 08:43:57 +0200

articles/Entire Disk Encryption with LUKS and ZFS: Formatting fixes

Diffstat:

Marticles/Entire Disk Encryption with LUKS and ZFS.xhtml16++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/articles/Entire Disk Encryption with LUKS and ZFS.xhtml b/articles/Entire Disk Encryption with LUKS and ZFS.xhtml @@ -4,12 +4,12 @@ <p>This tutorial is for people that know how to install gentoo. By Entire Disk Encryption I mean that even the /boot is encrypted. (but grub isn’t I think I’d need UEFI which too much hard and risky to setup and I don’t have hardware compatible with coreboot)</p> <h3>Setup the disk</h3> <ul> - <li>Disk: /dev/sda, sda1: BIOS Boot(2M+), sda2: Linux - <li>LUKS container: $hostname - <li>Zpool: $hostname - <li>Your username: haelwenn - <li>temporary mountpoint: /mnt/gentoo - <li>UUID of your clean GPT table: 1c578f43-6f16-497c-ba88-986609ffa1d6 + <li>Disk: /dev/sda, sda1: BIOS Boot(2M+), sda2: Linux</li> + <li>LUKS container: $hostname</li> + <li>Zpool: $hostname</li> + <li>Your username: haelwenn</li> + <li>temporary mountpoint: /mnt/gentoo</li> + <li>UUID of your clean GPT table: 1c578f43-6f16-497c-ba88-986609ffa1d6</li> </ul> <pre><code>cryptsetup --cipher aes-xts-plain64 --key-size 512 --hash sha512 --verify-passphrase luksFormat /dev/sda2 cryptsetup open /dev/sda2 $hostname @@ -29,7 +29,7 @@ zfs create $hostname/GENTOO zfs create -o mountpoint=/var/cache/distfiles $hostname/GENTOO/distfiles zfs create -o mountpoint=/var/cache/binpkgs $hostname/GENTOO/packages zfs create -o mountpoint=/var/db/repos $hostname/GENTOO/repos -zfs create $hostname/GENTOO/repos/gentoo +zfs create $hostname/GENTOO/repos/gentoo</code></pre> <h2>Configuring</h2> <p>USE flags:</p> <pre><code>sys-boot/grub libzfs device-mapper @@ -40,7 +40,7 @@ sys-kernel/genkernel cryptsetup</code></pre> <p>Configuring ZFS for boot-up: <code>rc-update add zfs-import boot &amp;&amp; rc-update add zfs-mount &amp;&amp; rc-update add zfs-zed</code></p> <h3>initramfs (genkernel)</h3> <pre><code>mv /etc/genkernel.conf /etc/genkernel.conf.dist -cat >/etc/genkernel.conf <<-EOF +cat &gt;/etc/genkernel.conf &lt;&lt;-EOF GK_SHARE="${GK_SHARE:-/usr/share/genkernel}" CACHE_DIR="/var/cache/genkernel" DISTDIR="/var/cache/distfiles"