Is anyone else using the guide Fedora Encrypted Root With Automatic Key Unlocking?
I’m using a cleartext partition on the same disk – the intent here is not to prevent Evil Maid attacks but to have encryption at rest.
The instructions have worked so far but for some reason on a clean install of F36 I’ve failed to get them to work. Since I made a clean install, it is possible it is an error on my part.
So: has anyone got working auto-unlocking LUKS on F36, either from an unencrypted USB pen or from an unencrypted partition on an internal disk?
I have it working, with the key on an unencrypted USB drive. In fact this was working on F35 and the upgrade to F36 went smoothly, it just kept on working I’m pretty sure I used that blog post you linked as the starting point as well.
You’re right. It was PEBCAK.
GRUB_CMDLINE_LINUX="rd.luks.uuid=luks-926ee4d1-4cd8-43d7-97a3-07d41ed2a742 rd.luks.key=**luks**-926ee4d1-4cd8-43d7-97a3-07d41ed2a742=/my.luks.key:LABEL=keys rd.luks.options=**luks**-926ee4d1-4cd8-43d7-97a3-07d41ed2a742=keyfile-timeout=45s rhgb quiet"
GRUB_CMDLINE_LINUX="rd.luks.uuid=luks-926ee4d1-4cd8-43d7-97a3-07d41ed2a742 rd.luks.key=926ee4d1-4cd8-43d7-97a3-07d41ed2a742=/my.luks.key:LABEL=keys rd.luks.options=926ee4d1-4cd8-43d7-97a3-07d41ed2a742=keyfile-timeout=45s rhgb quiet"
and only now I noticed it.