https://www.cemocom.de/tags/encryption/Recent content in Encryption on CeMoComHugoen-usWed, 15 Apr 2020 08:50:25 +0000https://www.cemocom.de/2020/04/15/open-luks-encrypted-device-via-key-on-usb-stick/Wed, 15 Apr 2020 08:50:25 +0000https://www.cemocom.de/2020/04/15/open-luks-encrypted-device-via-key-on-usb-stick/<h2 id="background">Background</h2> <p>If you want to encrypt the root file system of a computer running Linux with LUKS, you usually have to entere the encryption password at every system boot. Especially in the case of a headless computer acting as a server this is not suitable. To overcome this problem LUKS offers the possibility to store the encryption key as a keyfile and use it to open the encrypted disk.</p> <p>There also exist several guides how the keyfile can be stored on a USB stick. Examples include <a href="https://blog.tinned-software.net/automount-a-luks-encrypted-volume-on-system-start/">here</a>, <a href="https://decatec.de/linux/verschluesselte-festplatte-luks-mit-usb-stick-bei-systemstart-entschluesseln/">here</a> or <a href="https://wiki.debianforum.de/Cryptsetup_mit_systemd_und_Schl%C3%BCssel_auf_externem_USB-Stick">here</a> (the second and third guides are only available in German).</p>