-
Notifications
You must be signed in to change notification settings - Fork 5
/
encryptrootfs.conf
77 lines (59 loc) · 2.23 KB
/
encryptrootfs.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
#!/bin/sh
# NOTE: The defaults in this file MUST be carefully read and understood before using this module!
# The defaults may NOT be appropriate for your site. Carefully review and understand your threat model
# (ie, what attack scenarios you are protecting yourself against) and adjust accordingly!
#
# The port to run the ssh daemon on
# Default: 222
dropbear_port="2222"
# Authorized public keys that can log into the initrd ssh daemon
#
# Default: ""
#dropbear_acl=""
# Encrypted key path at /boot folder of boot labeled partition
#encrypted_keyfile_path="luks.key"
# Decrypted key path to store in ramfs during unlock volume stage
#decrypted_keyfile_path="/tmp/keyfile.key"
# size in megabytes of boot partition to created
# Depends on size of content of your /boot folder.
# Default: 200
#boot_partition_size=200
# the disk we are working with
# Depends on your device naming change it if needed.
# Required.
#disk=sda
# root partition to encrypt
# it is result partition we are going to create, luksFormat and lock/unlock.
# Required.
#root_partition=sda1
# target filesystem for boot partition
# Default: ext3
#boot_partition_file_system=ext3
# target filesystem for rootfs partition
# Default: ext3
#rootfs_partition_file_system=ext3
# boot partition label to use
# Default: boot
#boot_partition_label=boot
# Reread partition table.
# It is needed for Centos 6 only.
# Default: false
#reread_partition_table=false
# key management implementation
# custom key management implementation could be configured here
# Default: naive_keymanagement.sh
#key_management_implementation="naive_keymanagement.sh"
# networking configuration implementation
# It is the place where you can put you custom networking stuff. OpenStack Config Drive based or something.
# Required.
#networking_configuration_implementation="dhcp_networking_configuration_centos7.sh"
# list of binaries' names to install to initramfs for networking configuration script
#networking_configuration_dependencies=""
# Pause on error
# Default: 10 sec
#pause_on_error=10
# Install troubleshooting utilities
# Default: false
#install_debug_deps=false
# List of dependencies to install for debugging purposes
#debug_deps="blockdev e2fsck nano partx partprobe resize2fs tune2fs lsmod env df du md5sum"