I am planning on reinstalling to new drive(s) the next time my distro releases a new version and i am interested in drive encryption, so i was wondering

if i have root and home on two separate SSDs and they are encrypted with the same password, would i have to enter the password twice to boot? and would there be any other downsides of an encrypted two drive setup?

is there anything i should take into account when using or setting up drive encryption? any best practices for drive encryption that i should know?

thanks in advance

    • Tiuku
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Yes it’s pretty easy with keyfile and /etc/crypttab.

      One practical recommendation: As LUKS headers can hold several keys, also add a traditional passphrase in addition to the keyfile. With this it’s far easier to decrypt the drive from commandline if you ever need to rescue the system from a USB.

    • hschen
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Oh yeah i forgot about doing this, actually way easier than what i suggested