Just installed Solus and used the full disk encryption, and now I'd like to use a keyfile on a USB drive to decrypt my system during boot, and then have it ask for a passphrase if the keyfile can't be found.
I already generated a keyfile and added it as a key, but I'm stuck after that.. How do I tell my system to look for the keyfile before asking for a password?
Thanks!
Decrypting LUKS with a USB drive
- Edited
If you want a default passwords just set an encryption passphrases on your key. if you can bypass the usb, why bother adding an extra layer than can just be skipped? Just pick a strong passphrase and call it a day. Seems a bit like a waste of a usb slot to save typing a password without the added risk of a passphrase free key floating around in the wild.
I'm aware of the extra risk and it's not my favourite solution, but I'm on a tablet PC with a bluetooth keyboard, and adding a bluetooth hook to dracut or something like that seems a lot more complicated right now.