Create Keyfile for USB stick via GUI

  • Is it possible to create a keyfile via GUI. And store it on a USB Stick. To unlock my luks HDD ?
    I Want to put my USB-Stick in and the HDD should automatically encrypt. If I remove it should lock again.
    I have read this LUKS + KeyFile + AutoMount? [SOLVED] thread, but i have problems with post 35.


    Is there an easy way with the OMV GUI over Storage-Encyption-Keys-Add ?



    If it is not possible to create it via GUI
    Questions:

    One thing about the usb stick...many people mount the stick to get the keyfile. but there are better ways...you could place /dev/random infront of the first partition. This way no mount is needed anymore. But check the start of your usb part:

    Code
    Device Boot Start End Sectors Size Id Type
    /dev/sdx1 2048 15633407 15631360 7,5G 83 Linux

    I have
    sda - USB stick / sdb - HDD (mounted both over GUI)
    But not sure what i should do with the start and end sector


    now i think i copy from an "random file" the key to my usb stick

    Code
    dd if=/dev/random of=/dev/sdx bs=512 seek=1 count=204

    my try:

    Code
    root@raspberrypiomv:/etc# dd if=/dev/random of=/dev/sda bs=512 seek=1 count=2046
    dd: warning: partial read (115 bytes); suggest iflag=fullblock
    0+2046 records in
    0+2046 records out
    161489 bytes (161 kB, 158 KiB) copied, 0.222977 s, 724 kB/s

    What happens here ? Overwrite the same file with a skip or copy it with a skip ?

    Code
    dd if=/dev/sdx bs=512 skip=1 count=8 > tempKeyFile.bin

    Last questions

    Add this keyfile to your luks header!


    Add this option to crypttab entries: "x x x luks,keyfile-size=4096,keyfile-offset=512"

    How can i add it in my header (i have done the luks encryption in the OMV GUI)
    which entries the fstab ?



    Thanks for Help

  • Is it possible to create a keyfile via GUI. And store it on a USB Stick. To unlock my luks HDD ?

    I don't think so. As I see it OMV lets you only uploading the file.

    Is there an easy way with the OMV GUI over Storage-Encyption-Keys-Add ?

    I don't think so. As I see it OMV lets you only add a keyfile to the LUKS header.

    now i think i copy from an "random file" the key to my usb stick

    ...to be more precise, it is not a file, but a stream. I recommend you to read the man page before using dd. Without knowing what you do, you might end up with data loss.

    What happens here ? Overwrite the same file with a skip or copy it with a skip ?

    512 * 8 bytes of random data from USB stick is exported to file.

    How can i add it in my header (i have done the luks encryption in the OMV GUI)
    which entries the fstab ?

    Via the GUI or commandline (cryptsetup luksAddKey). The screenshot you have posted shows how it works to add a keyfile or password.


    I have written this in the thread few posts before (LUKS + KeyFile + AutoMount? [SOLVED]). Also about the crypttab entry. Good luck!

    cpu Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
    omv 6.9.13-1 (Shaitan)

    kernel 6.1.0-0.deb11.11-amd64

    2 Mal editiert, zuletzt von godfuture ()

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!