diff options
author | Tobias Heinicke <theinicke@bss-wf.de> | 2015-07-02 01:03:46 +0200 |
---|---|---|
committer | Francis Rowe <info@gluglug.org.uk> | 2015-07-02 00:30:53 +0100 |
commit | a8541811e98467478948b57db1e6c23ff72dcc7a (patch) | |
tree | 6755ef6077527ab9af74024b8a44e4250a271542 | |
parent | fa9e47ac349a26806b74347d2e41e0b1ebce675a (diff) | |
download | librebootfr-a8541811e98467478948b57db1e6c23ff72dcc7a.tar.gz librebootfr-a8541811e98467478948b57db1e6c23ff72dcc7a.zip |
Changed cryptomount occurences to exclude SOURCE.
The GNU/Linux installation guides call 'cryptomount -a', which ignores
any SOURCE parameter given and mounts all encrypted volumes regardless.
To avoid confusion I removed the parameter and added a small note
regarding mounting only specific partitions.
-rw-r--r-- | docs/gnulinux/encrypted_parabola.html | 11 | ||||
-rw-r--r-- | docs/gnulinux/encrypted_trisquel.html | 11 |
2 files changed, 18 insertions, 4 deletions
diff --git a/docs/gnulinux/encrypted_parabola.html b/docs/gnulinux/encrypted_parabola.html index 7a74f93d..7db3e7d3 100644 --- a/docs/gnulinux/encrypted_parabola.html +++ b/docs/gnulinux/encrypted_parabola.html @@ -474,7 +474,7 @@ (using those 2 underlines will boot lts kernel instead of normal). </p> <p> - grub> <b>cryptomount -a (ahci0,msdos1)</b><br/> + grub> <b>cryptomount -a</b><br/> grub> <b>set root='lvm/matrix-rootvol'</b><br/> grub> <b>linux /boot/vmlinuz-linux-libre<u>-lts</u> root=/dev/matrix/rootvol cryptdevice=/dev/sda1:root</b><br/> grub> <b>initrd /boot/initramfs-linux-libre<u>-lts</u>.img</b><br/> @@ -497,7 +497,7 @@ <p> Inside the 'Load Operating System' menu entry, change the contents to:<br/> <b><i> - cryptomount -a (ahci0,msdos1)<br/> + cryptomount -a<br/> set root='lvm/matrix-rootvol'<br/> linux /boot/vmlinuz-linux-libre<u>-lts</u> root=/dev/matrix/rootvol cryptdevice=/dev/sda1:root<br/> initrd /boot/initramfs-linux-libre<u>-lts</u>.img @@ -511,6 +511,12 @@ </p> <p> + Note: <i>cryptomount -a</i> mounts all encrypted devices found. It may be desirable to just mount the needed partition. + To do so you may either specify your partition via layout (e.g.: <i>cryptomount -a (ahci0,msdos1)</i>) + or use the UUID <i>cryptomount -u UUID</i>. + </p> + + <p> Personally, I opted to have the entry for linux-libre-grsec at the top, so that it would load by default. </p> @@ -635,6 +641,7 @@ Copyright © 2014, 2015 Francis Rowe <info@gluglug.org.uk><br/> Copyright © 2015 Thomas Zelch <tze@xenlab.de><br/> Copyright © 2015 Arthur Heymans <arthur@aheymans.xyz><br/> + Copyright © 2015 Tobias Heinicke <theinicke@bss-wf.de><br/> This document is released under the Creative Commons Attribution-ShareAlike 4.0 International Public License and all future versions. A copy of the license can be found at <a href="../cc-by-sa-4.txt">../cc-by-sa-4.txt</a>. </p> diff --git a/docs/gnulinux/encrypted_trisquel.html b/docs/gnulinux/encrypted_trisquel.html index 367dbbfb..27864a81 100644 --- a/docs/gnulinux/encrypted_trisquel.html +++ b/docs/gnulinux/encrypted_trisquel.html @@ -229,7 +229,7 @@ <p> Do that:<br/> - grub> <b>cryptomount -a (ahci0,msdos1)</b><br/> + grub> <b>cryptomount -a</b><br/> grub> <b>set root='lvm/grubcrypt-trisquel'</b><br/> grub> <b>linux /vmlinuz root=/dev/mapper/grubcrypt-trisquel cryptdevice=/dev/mapper/grubcrypt-trisquel:root</b><br/> grub> <b>initrd /initrd.img</b><br/> @@ -276,13 +276,19 @@ </p> <p> - <b>cryptomount -a (ahci0,msdos1)</b><br/> + <b>cryptomount -a</b><br/> <b>set root='lvm/grubcrypt-trisquel'</b><br/> <b>linux /vmlinuz root=/dev/mapper/grubcrypt-trisquel cryptdevice=/dev/mapper/grubcrypt-trisquel:root</b><br/> <b>initrd /initrd.img</b> </p> <p> + Note: <i>cryptomount -a</i> mounts all encrypted devices found. It may be desirable to just mount the needed partition. + To do so you may either specify your partition via layout (e.g.: <i>cryptomount -a (ahci0,msdos1)</i>) + or use the UUID <i>cryptomount -u UUID</i>. + </p> + + <p> Additionally, you should set a GRUB password. This is not your LUKS password, but it's a password that you have to enter to see GRUB. This protects your system from an attacker simply booting a live USB and re-flashing your firmware. <b>This should be different than your LUKS passphrase and user password.</b> </p> @@ -320,6 +326,7 @@ <p> Copyright © 2014, 2015 Francis Rowe <info@gluglug.org.uk><br/> + Copyright © 2015 Tobias Heinicke <theinicke@bss-wf.de><br/> This document is released under the Creative Commons Attribution-ShareAlike 4.0 International Public License and all future versions. A copy of the license can be found at <a href="../cc-by-sa-4.txt">../cc-by-sa-4.txt</a>. </p> |