Hi everyone,
For my own sanity, could someone provide some guidance on how to add a key-file to the LUKS partition of a regular/generic installation of qubes-os ?
and, suggestion on how to best create the key-files, if any.
Thanks,
Hi,
What about doing backups instead? You should be able to restore important data anyway, so if you forgot your LUKS password you could restore from backups.
Also if you go with the key, you should make two in case you lose the usual one or if it break, you need a copy of it.
Red Hat has a nice guide for keyfiles from my reading, I did not try it though. How to add a passphrase, key, or keyfile to an existing LUKS device - Red Hat Customer Portal
Hi @solene
backups - these are been done using a really helpful guide on incremental backups on a daily basis.
And, yes, I did verify the back-ups and they were restored correctly.
(thanks that guide 
)
and, most weekends with qubes default tool (just in case)
but, …
just to avoid a human error (e.g.: forgetting/mistyping a long winded password)
I wanted to add a key-file, or two now.
the RH guide was helpful.
TWO key-files were added to /dev/nvme0n1p3 (using default installation of qubes-os)
Thanks for your suggestions,
1 Like