Re: lvm2 on top of dm-crypt - how to add new hard disk
On Wed, Aug 21, 2013 at 12:19:40PM -0300, Luther Blissett wrote: > My initial guess was that it should be possible to extend this > encryption scheme to the new hard disk using standard lvm tools and the > unencrypted "open" disk as physical volume to the already existing > volume group. However, after some research the nearest I got was someone > who added the disk while creating a new volume group: > > http://earlruby.org/2010/02/adding-an-external-encrypted-drive-with-lvm-to-ubuntu-linux/comment-page-1/ > > and this arch wiki saying I should better have the reverse: luks on lvm. > > https://wiki.archlinux.org/index.php/Encrypted_LVM#Spanned.2FMultiple_Disks > > But it does not state it is impossible, it just says that it requires > modifying the "encrypted hook". Also, it's clear that once this is done, Yes, you could do what you're after if you had luks on lvm. If there is a way for luks to span multiple disks, I'm not aware of it. The best suggestion I can think of is to simply set the new drive up as a physical volume, and put new volume groups on it. You can mount volumes from the second drive to wherever you need more space in the original drive. If that's not possible, you should be able to move logical volumes from the first drive to the second drive to make room on the first drive. > if one disk fails, the system will be unbootable. Another reason to just put a new volume group or groups on the new drive instead of extending the existing group or groups if that is possible. > > So my question is: have anyone here ever done that? How to I tell init > to unlock both disks before mapping lvm? If you're asking how to decrypt a luks volume in place, I know of such a way. If you're asking how encrypted volumes are opened during boot, have a look at the crypttab(5) man page. Greg -- web site: http://www.gregn..net gpg public key: http://www.gregn..net/pubkey.asc skype: gregn1 (authorization required, add me to your contacts list first) -- Free domains: http://www.eu.org/ or mail dns-mana...@eu.org -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130822005808.ga22...@gregn.net
lvm2 on top of dm-crypt - how to add new hard disk
Hello folks, So I might better ask before attempting something stupid. I need to add a new hard drive to an encrypted debian box. The encryption scheme was set using debian installer defaults which resulted in just /dev/sda1 -> /boot outside block device encryption. Everything else is encrypted and lvm is used instead of ordinary partitions. My initial guess was that it should be possible to extend this encryption scheme to the new hard disk using standard lvm tools and the unencrypted "open" disk as physical volume to the already existing volume group. However, after some research the nearest I got was someone who added the disk while creating a new volume group: http://earlruby.org/2010/02/adding-an-external-encrypted-drive-with-lvm-to-ubuntu-linux/comment-page-1/ and this arch wiki saying I should better have the reverse: luks on lvm. https://wiki.archlinux.org/index.php/Encrypted_LVM#Spanned.2FMultiple_Disks But it does not state it is impossible, it just says that it requires modifying the "encrypted hook". Also, it's clear that once this is done, if one disk fails, the system will be unbootable. So my question is: have anyone here ever done that? How to I tell init to unlock both disks before mapping lvm? -- André N. Batista GNUPG/PGP KEY: 6722CF80 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1377098380.18481.22.camel@tagesuhu-pc
lvm2 on top of dm-crypt - how to add new hard disk
Hello folks, So I might better ask before attempting something stupid. I need to add a new hard drive to an encrypted debian box. The encryption scheme was set using debian installer defaults which resulted in just /dev/sda1 -> /boot outside block device encryption. Everything else is encrypted and lvm is used instead of ordinary partitions. My initial guess was that it should be possible to extend this encryption scheme to the new hard disk using standard lvm tools and the unencrypted "open" disk as physical volume to the already existing volume group. However, after some research the nearest I got was someone who added the disk while creating a new volume group: http://earlruby.org/2010/02/adding-an-external-encrypted-drive-with-lvm-to-ubuntu-linux/comment-page-1/ and this arch wiki saying I should better have the reverse: luks on lvm. https://wiki.archlinux.org/index.php/Encrypted_LVM#Spanned.2FMultiple_Disks But it does not state it is impossible, it just says that it requires modifying the "encrypted hook". Also, it's clear that once this is done, if one disk fails, the system will be unbootable. So my question is: have anyone here ever done that? How to I tell init to unlock both disks before mapping lvm? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1377098415.18481.23.camel@tagesuhu-pc
