On Sun, Jan 07, 2024 at 12:40:18PM +0100, Stefan Kreutz wrote:
> You can indeed create multiple 1M RAID disklabel partitions per device

Yes, you can.  And that may be the most appropriate solution in this case,
and in cases where you have several machines each with one softraid crypto
partition and want to store the key for each machine on one physical device.

But my understanding is that the OP wants to use the same encryption key for
multiple softraid crypto partitions, not just the same physical device to hold
multiple keys, which is what you are describing.

All of this, (and more), is _possible_ iff you understand in detail how the
softraid crypto system works at a low level, and are comfortable manually
hacking things to make it work.  There are no tools, (in base), to do such
manipulations of softraid volumes automatically.

Another solution, if you have a lot of softraid crypto volumes on the same
machine, (E.G. many physical disks each with one such partition), is to use
a key for the main one, (possibly the boot volume), and _passphrases_ for
the rest of them.  Those passphrases can then be stored in files on the
encrypted volume that uses the key, and automatically attached as necessary
once the first volume has been attached using the key.
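
The last suggestion above, sketched as an added example (not part of the original message and not a tool from base): once the key-disk volume is mounted, attach the remaining CRYPTO volumes with `bioctl -p`. The map file format, its path, the `sdNx` chunk names and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed (hypothetical) map file format,
# one secondary volume per line:  <chunk> <passfile>
#   sd2a /etc/softraid/sd2a.pass        (constructed sample entry)
# The map and passfiles live on the volume already unlocked with the key disk.

OWNER_UID=${OWNER_UID:-0}     # bioctl(8) wants the passfile owned by root
BIOCTL=${BIOCTL:-bioctl}      # set BIOCTL="echo bioctl" for a dry run

# passfile_ok FILE: true only for a regular, non-symlink file with mode 0600
# owned by OWNER_UID. bioctl enforces this too; checking first gives a clear
# per-volume message instead of a failed attach.
passfile_ok() {
    [ -f "$1" ] && [ ! -h "$1" ] || return 1
    ls -ln "$1" | awk -v uid="$OWNER_UID" \
        '{ exit !(substr($1, 1, 10) == "-rw-------" && $3 == uid) }'
}

# attach_all MAPFILE: attach every listed chunk as a CRYPTO volume using its
# passphrase file. Returns the number of entries that were skipped or failed.
attach_all() {
    fail=0
    while read -r chunk passfile rest; do
        case "$chunk" in ''|\#*) continue ;; esac
        case "$chunk" in
            sd[0-9][a-p]|sd[0-9][0-9][a-p]) ;;
            *) echo "skip: bad chunk name '$chunk'" >&2
               fail=$((fail + 1)); continue ;;
        esac
        if ! passfile_ok "$passfile"; then
            echo "skip $chunk: $passfile must be mode 0600, uid $OWNER_UID" >&2
            fail=$((fail + 1)); continue
        fi
        $BIOCTL -c C -l "/dev/$chunk" -p "$passfile" softraid0 </dev/null ||
            fail=$((fail + 1))
    done < "$1"
    return "$fail"
}
```

Calling `attach_all` on the map file from a boot-time script after the first volume is mounted attaches the rest; the passphrase files are only as protected as the volume that holds them.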
