From Fedora Project Wiki

Revision as of 13:08, 30 September 2009 by Jlaska (talk | contribs) (Updated to instructions borrowed from autopart (encrypted) test case)

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). For additional details, consult the http://docs.fedoraproject.org/install-guide/f41/en-US/html/Disk_Encryption_Guide.html.

When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.

References:


How to test

  • Boot the installer using any available means (boot.iso, CD, DVD, Live image or PXE)
  1. At the first disk partitioning screen, select Encrypt System and Review partition details. Proceed to the next screen by selecting Next
  2. Ensure that each LVM logical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  3. Ensure that each LVM physical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  4. Proceed to the next step by clicking Next
  5. When prompted, enter a passphrase twice
  6. Complete the installation as desired

Expected Results

  1. The system should install successfully
  2. A lock icon appears next to all disk partitions configured for encryption
  3. The system should prompt for your passphrase only once during boot
  4. The system unlocks the encrypted partition(s) and boots successfully


|results= On the installed system verify that:

  • you are prompted once for the passphrase to unlock all encrypted partitions
  • an entry for each encrypted disk partition exists in /etc/crypttab

}}