aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Heinicke <theinicke@bss-wf.de>2015-07-02 01:03:46 +0200
committerFrancis Rowe <info@gluglug.org.uk>2015-07-02 00:30:53 +0100
commita8541811e98467478948b57db1e6c23ff72dcc7a (patch)
tree6755ef6077527ab9af74024b8a44e4250a271542
parentfa9e47ac349a26806b74347d2e41e0b1ebce675a (diff)
downloadlibrebootfr-a8541811e98467478948b57db1e6c23ff72dcc7a.tar.gz
librebootfr-a8541811e98467478948b57db1e6c23ff72dcc7a.zip
Changed cryptomount occurences to exclude SOURCE.
The GNU/Linux installation guides call 'cryptomount -a', which ignores any SOURCE parameter given and mounts all encrypted volumes regardless. To avoid confusion I removed the parameter and added a small note regarding mounting only specific partitions.
-rw-r--r--docs/gnulinux/encrypted_parabola.html11
-rw-r--r--docs/gnulinux/encrypted_trisquel.html11
2 files changed, 18 insertions, 4 deletions
diff --git a/docs/gnulinux/encrypted_parabola.html b/docs/gnulinux/encrypted_parabola.html
index 7a74f93d..7db3e7d3 100644
--- a/docs/gnulinux/encrypted_parabola.html
+++ b/docs/gnulinux/encrypted_parabola.html
@@ -474,7 +474,7 @@
(using those 2 underlines will boot lts kernel instead of normal).
</p>
<p>
- grub> <b>cryptomount -a (ahci0,msdos1)</b><br/>
+ grub> <b>cryptomount -a</b><br/>
grub> <b>set root='lvm/matrix-rootvol'</b><br/>
grub> <b>linux /boot/vmlinuz-linux-libre<u>-lts</u> root=/dev/matrix/rootvol cryptdevice=/dev/sda1:root</b><br/>
grub> <b>initrd /boot/initramfs-linux-libre<u>-lts</u>.img</b><br/>
@@ -497,7 +497,7 @@
<p>
Inside the 'Load Operating System' menu entry, change the contents to:<br/>
<b><i>
- cryptomount -a (ahci0,msdos1)<br/>
+ cryptomount -a<br/>
set root='lvm/matrix-rootvol'<br/>
linux /boot/vmlinuz-linux-libre<u>-lts</u> root=/dev/matrix/rootvol cryptdevice=/dev/sda1:root<br/>
initrd /boot/initramfs-linux-libre<u>-lts</u>.img
@@ -511,6 +511,12 @@
</p>
<p>
+ Note: <i>cryptomount -a</i> mounts all encrypted devices found. It may be desirable to just mount the needed partition.
+ To do so you may either specify your partition via layout (e.g.: <i>cryptomount -a (ahci0,msdos1)</i>)
+ or use the UUID <i>cryptomount -u UUID</i>.
+ </p>
+
+ <p>
Personally, I opted to have the entry for linux-libre-grsec at the top, so that it would load by default.
</p>
@@ -635,6 +641,7 @@
Copyright &copy; 2014, 2015 Francis Rowe &lt;info@gluglug.org.uk&gt;<br/>
Copyright &copy; 2015 Thomas Zelch &lt;tze@xenlab.de&gt;<br/>
Copyright &copy; 2015 Arthur Heymans &lt;arthur@aheymans.xyz&gt;<br/>
+ Copyright &copy; 2015 Tobias Heinicke &lt;theinicke@bss-wf.de&gt;<br/>
This document is released under the Creative Commons Attribution-ShareAlike 4.0 International Public License and all future versions.
A copy of the license can be found at <a href="../cc-by-sa-4.txt">../cc-by-sa-4.txt</a>.
</p>
diff --git a/docs/gnulinux/encrypted_trisquel.html b/docs/gnulinux/encrypted_trisquel.html
index 367dbbfb..27864a81 100644
--- a/docs/gnulinux/encrypted_trisquel.html
+++ b/docs/gnulinux/encrypted_trisquel.html
@@ -229,7 +229,7 @@
<p>
Do that:<br/>
- grub&gt; <b>cryptomount -a (ahci0,msdos1)</b><br/>
+ grub&gt; <b>cryptomount -a</b><br/>
grub&gt; <b>set root='lvm/grubcrypt-trisquel'</b><br/>
grub&gt; <b>linux /vmlinuz root=/dev/mapper/grubcrypt-trisquel cryptdevice=/dev/mapper/grubcrypt-trisquel:root</b><br/>
grub&gt; <b>initrd /initrd.img</b><br/>
@@ -276,13 +276,19 @@
</p>
<p>
- <b>cryptomount -a (ahci0,msdos1)</b><br/>
+ <b>cryptomount -a</b><br/>
<b>set root='lvm/grubcrypt-trisquel'</b><br/>
<b>linux /vmlinuz root=/dev/mapper/grubcrypt-trisquel cryptdevice=/dev/mapper/grubcrypt-trisquel:root</b><br/>
<b>initrd /initrd.img</b>
</p>
<p>
+ Note: <i>cryptomount -a</i> mounts all encrypted devices found. It may be desirable to just mount the needed partition.
+ To do so you may either specify your partition via layout (e.g.: <i>cryptomount -a (ahci0,msdos1)</i>)
+ or use the UUID <i>cryptomount -u UUID</i>.
+ </p>
+
+ <p>
Additionally, you should set a GRUB password. This is not your LUKS password, but it's a password that you have to enter to see
GRUB. This protects your system from an attacker simply booting a live USB and re-flashing your firmware. <b>This should be different than your LUKS passphrase and user password.</b>
</p>
@@ -320,6 +326,7 @@
<p>
Copyright &copy; 2014, 2015 Francis Rowe &lt;info@gluglug.org.uk&gt;<br/>
+ Copyright &copy; 2015 Tobias Heinicke &lt;theinicke@bss-wf.de&gt;<br/>
This document is released under the Creative Commons Attribution-ShareAlike 4.0 International Public License and all future versions.
A copy of the license can be found at <a href="../cc-by-sa-4.txt">../cc-by-sa-4.txt</a>.
</p>