A naukri.com initiative
Dev
1w
227
Image Credit: Dev
NixOS Full Disk Encryption with USB/SD-Card/Password Unlock
- NixOS documentation is a bit lacking on full-disk encryption with remote storage, but this post has all the steps to demonstrate how to set up full-disk encryption with remote unlocking using a flash drive, SD card, or password.
- Before partitioning exit from the GUI and switch to root.
- The article provided a set of commands to partition, format, and encrypt the disk
- The set of commands to encrypt the disk includes creating a efi boot partition, a linux LVM partition, formatting and encrypting the LVM partition.
- A new logical volume is created for the root file system from all remaining free space and a specified swap partition and a FAT32 format created for the boot partition.
- After the partition, formatting and encryption, the roots file system is mounted and the configuration is generated with the provided set of commands.
- The set of configuration included boot options that enable, efi, grub, and kernelModules.
- While initiating the root file system the Luks devices are defined and their settings includw preLVM, allowDiscards, keyFileSize, fallbackToPassword, etc.
- The guide also provides a way to unlock the system remotely with a flash drive or SD card.
- The guide has provided simple steps to accomplish the NixOS full-disk encryption with remote login with a USB or SD Card.
Read Full Article
13 Likes
For uninterrupted reading, download the app