Clone a system to an encrypted drive
Chris Murphy
lists at colorremedies.com
Thu Jul 16 02:57:56 UTC 2015
The gist is:
cryptsetup, you can use the defaults which uses aes-xts-plain64 with a
256 bit key. I like the -y and -v options.
You'll need to create or modify the /etc/crypttab file, which takes the form of:
<anyname> <uuid> none
The name can be anything but I do it the anaconda way which is
luks-<uuid> and then <uuid> is the LUKS UUID reported by blkid.
Use that same UUID in the form rd.luks=UUID=<uuid> as a boot parameter
in /etc/default/grub and then grub2-mkconfig -o /boot/grub2/grub.cfg
or
grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
as the case may be if you have a UEFI system
And finally, the fstab entry is created the same as if it weren't
encrypted, you still use the fs volume UUID as reported by blkid.
And since i have it handy, the rsync command anaconda uses is:
rsync -pogAXtlHrDx
Chris Murphy
More information about the users
mailing list