mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

18K
active users

Proudly ashamed that I just kneecapped the full-disk #LUKS encryption on one of my personal #Linux servers.

I decided that the device was in a secure-enough location, and being able to auto-start on boot (e.g. after a power outage) was more important than protecting the drive contents.

This is the technique I used, which has the benefit that I can relatively easily reverse the change later on: web.archive.org/web/2014093022

@HerraBRE heh, I still prefer unlock-via-SSH, even though evil maid and all that.

@rysiek I still use that for some of the data (an external backup drive), but the machine needs to boot far enough to be on the network and accessible for that to work...

This machine wasn't originally set up with this in mind, so it doesn't have separate root/home partitions.

Michał "rysiek" Woźniak · 🇺🇦

@HerraBRE unlocking of LUKS root partition can be done directly in initramfs:
neilzone.co.uk/2021/06/unlocki

I use a version of this on a bunch of servers.

But yeah, it needs network access, obviously.

Anyway, whatever works. I am probably overdoing it with this. 😅

Photo of me, a white man with a short dark beard, and dark hair, posing with my thumb on my chin
neilzone.co.ukUnlocking a LUKS-encrypted partition via ssh on Debian 10 and Debian 11Update: since writing this, I’ve also tested it on Debian 11 RC2.