summaryrefslogtreecommitdiff
path: root/libre/filesystem/crypttab
blob: dd6994b5a0b77761d0cf2efaaaf7cdb7fec1b8b2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# crypttab: Mappings for encrypted partitions
#
# Each mapped device will be created in /dev/mapper, so your /etc/fstab
# should use the /dev/mapper/{NAME} paths for encrypted devices.
#
# Each PASSWORD field can be an absolute pathname to a key file (starting
# with a slash, recommended) or a literal string that will be used as
# a passphrase. To use special characters in the passphrase, surround it
# by quotes, the usual bash quoting rules apply.
# There are two special keywords that cannot be used as passphrases:
#   - ASK  ask for a passphrase on boot
#   - SWAP use a random key and create a swapspace afterwards
# WARNING: use the SWAP keyword carefully, as it overwrites the data
#          on the specified partition
# 
# To create a key file:
#    hashalot -n 32 ripemd160 >/etc/crytfs.key
# or
#    dd if=/dev/urandom of=/etc/cryptfs.key bs=256 count=1
#
# To pass additional options to cryptsetup for non-LUKS partitions, use the
# fourth column.
#
# NOTE: Do not list your root (/) partition here, it must be set up
#       beforehand by the initramfs (/etc/mkinitcpio.conf).


# NAME		SOURCE DEVICE		PASSWORD		OPTIONS
#home		/dev/hda4		mypassword
#data1		/dev/hda3		"my \"password\""
#data2		/dev/hda5		/etc/cryptfs.key
#swap		/dev/hdx4		SWAP			-c aes-cbc-essiv:sha256 -s 256
#vol		/dev/hdb7		ASK