{"id":956,"date":"2025-02-21T04:00:56","date_gmt":"2025-02-21T01:00:56","guid":{"rendered":"https:\/\/itgen.itbumper.com\/?page_id=956"},"modified":"2025-02-26T11:22:58","modified_gmt":"2025-02-26T08:22:58","slug":"0038_ubuntu-server-22-04-lts-with-remote-luks-unlock","status":"publish","type":"page","link":"https:\/\/itgen.itbumper.com\/?page_id=956","title":{"rendered":"0038_Ubuntu Server 22.04 LTS with remote LUKS Unlock"},"content":{"rendered":"<p>The best way to secure your data using LUKS is to deploy a new OS.&nbsp;<\/p>\n<p>I used Ubuntu Server 22.04 because 24.04 crashed when encrypting a LUKS partition step.&nbsp;<\/p>\n<p>I will <span data-src-align=\"0:5\">describe<\/span> in <span data-src-align=\"6:6\">full<\/span> <span data-src-align=\"13:4\">one<\/span> <span data-src-align=\"18:2\">of<\/span> the <span data-src-align=\"31:9\">installation<\/span> <span data-src-align=\"21:9\">options<\/span> <span data-src-align=\"42:7\">that<\/span> <span data-src-align=\"50:1\">I<\/span> <span data-src-align=\"52:9\">use<\/span><span data-src-align=\"61:1\">.<\/span> The <span data-src-align=\"0:6\">first<\/span> <span data-src-align=\"8:3\">thing<\/span> <span data-src-align=\"12:2\">we<\/span> will <span data-src-align=\"15:6\">see<\/span> is <span data-src-align=\"22:3\">a<\/span> <span data-src-align=\"26:4\">window<\/span> <span data-src-align=\"31:1\">with<\/span> a <span data-src-align=\"33:12\">suggestion<\/span> for <span data-src-align=\"46:10\">installing<\/span> the&nbsp;<span data-src-align=\"57:6\">Ubuntu<\/span> <span data-src-align=\"64:6\">Server<\/span>.<\/p>\n<p>You <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">can<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"6:6\">press<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"13:5\">Enter,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"19:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"21:2\">without<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"24:5\">waiting<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"30:2\">30<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"33:6\">seconds<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"39:1\">,<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:9\">installation<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"41:7\">process<\/span> will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"59:8\">begin<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"67:1\">.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"812\" height=\"481\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_001.png\" alt=\"\" class=\"wp-image-957\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_001.png 812w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_001-300x178.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_001-768x455.png 768w\" sizes=\"(max-width: 812px) 85vw, 812px\" \/><\/figure><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"629\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_002-1024x629.png\" alt=\"\" class=\"wp-image-959\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_002-1024x629.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_002-300x184.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_002-768x472.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_002.png 1029w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">After<\/span> that, you <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"6:5\">need<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"12:7\">select<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"20:4\">language. After<\/span>&nbsp;<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"32:6\">selecting<\/span> it<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"38:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"40:9\">a<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"50:4\">window<\/span> will open <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"55:1\">with<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"57:12\">suggestion<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"70:10\">continue<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:3\">without<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"85:10\">updating<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"95:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"98:1\">I<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"100:11\">prefer<\/span> immediately switching to an SSH connection and continuing the MobaXterm installation<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"188:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"191:9\">Using<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"209:3\">TAB<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"201:7\">key<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"212:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"214:7\">select<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"222:4\">Help<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"227:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"229:7\">select<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"243:5\">Enter<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"249:5\">Shell<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"237:5\">option<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"254:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"257:5\">Changing<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"263:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"270:3\">for<\/span> the&nbsp;<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"274:12\">user called &#8220;installer&#8221;.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"775\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_003-1024x775.png\" alt=\"\" class=\"wp-image-960\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_003-1024x775.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_003-300x227.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_003-768x581.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_003.png 1031w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\npasswd installer\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"961\" height=\"513\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_004.png\" alt=\"\" class=\"wp-image-958\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_004.png 961w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_004-300x160.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_004-768x410.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">I <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">enter<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"6:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"13:8\">twice<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"21:1\">,<\/span> use the &#8220;<strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"32:2\">ip<\/span> a<\/strong> &#8221; <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"23:8\">command<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"37:5\">find<\/span> out the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"43:7\">current<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"51:3\">MAC<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"55:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"57:2\">IP<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"60:5\">address<\/span>, <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"66:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"68:4\">if<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"73:5\">necessary<\/span>, I <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"86:5\">make<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"99:3\">MAC<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"102:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"103:2\">IP<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"92:6\">bundle<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"79:1\">in<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:4\">DHCP<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"107:1\">and<\/span> exit with the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"109:6:125:4\">exit<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"116:8\">command.<\/span><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">Launching an SSH session by using the command &#8220;<em><strong>ssh installer@192.168.10.15<\/strong><\/em>&#8220;, I confirm the connection. <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"74:6\">Now,<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"89:9\">installation<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:7\">process<\/span> is in <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"101:4\">my<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"108:7\">console<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"115:1\">.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"668\" height=\"682\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_005.png\" alt=\"\" class=\"wp-image-961\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_005.png 668w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_005-294x300.png 294w\" sizes=\"(max-width: 668px) 85vw, 668px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"57:9\">We get to the disk configuration section, and it&#8217;s partitions and select the physical disk correctly. Select the LUKS option and enter the disk encryption password if there are several of them<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"176:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"176:8\">During<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"185:9\">installation<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"194:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"196:8\">choose<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"205:7\">simple<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"213:6\">password<\/span> like <em><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"225:9\">123455678<\/span><\/strong><\/em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"234:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"237:5\">When<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"243:7\">system<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"251:5\">is<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"257:6\">ready<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"263:1\">,<\/span> we will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"265:6\">change<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"272:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"279:2\">to<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"282:7\">good<\/span> one<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"289:1\">.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"966\" height=\"487\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_006.png\" alt=\"\" class=\"wp-image-962\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_006.png 966w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_006-300x151.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_006-768x387.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p>It will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:9\">turn<\/span> out <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"10:3:14:2\">something<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"17:7\">similar<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"25:2\">to<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"28:3\">this:<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"972\" height=\"505\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_007.png\" alt=\"\" class=\"wp-image-963\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_007.png 972w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_007-300x156.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_007-768x399.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p>We <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:12\">confirm<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"14:3\">that<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"18:2\">we<\/span> are <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"21:7\">sure<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"687\" height=\"301\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_008.png\" alt=\"\" class=\"wp-image-964\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_008.png 687w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_008-300x131.png 300w\" sizes=\"(max-width: 687px) 85vw, 687px\" \/><\/figure><\/div>\n\n<p>We <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">enter<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"7:11\">necessary<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"19:6\">data<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"26:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"28:10\">continue<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"232\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009-1024x232.png\" alt=\"\" class=\"wp-image-965\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009-1024x232.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009-300x68.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009-768x174.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009-1200x271.png 1200w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_009.png 1291w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<hr>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><em>When installing Ubuntu Server with disk encryption using LUKS, the following algorithm is used by default:<\/em><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><strong><em>Encryption algorithm: AES-XTS-plain64<\/em><\/strong><br><em><strong>Key size:<\/strong> 512 bits (for AES-XTS, the actual key is 256 bits for encryption and 256 bits for tweaking)<\/em><br><strong><em>The hash function for the key: sha256<\/em><\/strong><br><em><strong>PDF (Password-Based Key Derivation Function):<\/strong> argon2id (starting with newer versions, pbkdf2 was previously used)<\/em><br><em><strong>The number of iterations:<\/strong> dynamically determined during installation for optimal balance between performance and security.<\/em><\/p>\n<hr>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">We indicate that we want to install an SSH server and take the public key from GitHub or Launchpad, if available; if not, leave &#8220;none.&#8221; In my case, I have a public key on GitHub, and I immediately refuse to use SSH password access.<br>If the public key is found, it must be checked and confirmed. Next, we watch the system installation process; after finishing, select the Reboot Now option, after which the session will end.<\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"310\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_010-1024x310.png\" alt=\"\" class=\"wp-image-966\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_010-1024x310.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_010-300x91.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_010-768x232.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_010.png 1038w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">The installation <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:7\">process<\/span> will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"17:12\">stop<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"30:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"32:9\">prompt<\/span> you to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"42:6\">enter<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"56:3\">to<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"60:13\">decrypt<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"74:5\">disk, and the installation process will continue. After that, we reconnect via SSH and are back on the server.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"967\" height=\"801\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_011.png\" alt=\"\" class=\"wp-image-967\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_011.png 967w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_011-300x249.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_011-768x636.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">The <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"11:11\">decryption<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">password<\/span> is <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"23:8\">entered<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"32:2\">before<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"44:7\">system<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"35:8\">boots<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"51:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"53:7\">so<\/span> you must&nbsp;<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"73:4\">go<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"78:2\">to<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:4\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"86:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"88:8\">type<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"97:3\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"101:2\">on<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"104:10\">keyboard<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"115:3\">or<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"119:6\">do<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"126:3\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"130:12\">remotely<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"143:5\">through<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"158:11\">virtual<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"170:5\">machine<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"149:8\">manager<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"176:4\">or<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"187:3\">BMC<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"190:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"192:4\">if<\/span> available<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"204:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"208:9\">Another<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"218:8\">solution<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"227:5\">would<\/span> be to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"233:13\">use<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"247:11\">simple<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"259:3\">SSH<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"263:7\">server<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"272:7\">that<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"280:11\">starts<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"292:1\">at<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"294:6\">time<\/span> of <strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"315:9\">initramfs<\/span><\/strong> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"301:13\">initialization<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"324:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"326:9\">with<\/span> which you <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"341:5\">can<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"353:6\">enter<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"367:4\">LUKS<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"360:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"372:12\">remotely<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"385:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"387:12\">decrypt<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"400:4\">disk<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"406:5\">so<\/span> that the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"412:7\">system<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"420:6\">can<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"427:11\">boot<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"438:1\">.<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo apt update &amp;&amp; sudo apt install upgrade -y\nsudo apt install dropbear-initramfs -y\n<\/pre><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">Making<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"7:9\">changes<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"17:1\">to<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"24:12\">configuration<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"19:4\">file<\/span> <strong><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"48:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:3\">etc<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"52:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"53:8\">dropbear<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"61:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"62:9\">initramfs<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"71:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"72:8\">dropbear<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"80:1\">.<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:4\">conf<\/span><\/em><\/strong> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"87:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"89:8\">adding<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"98:5\">option<\/span> <strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"105:27\">DROPBEAR_OPTIONS=&#8221;-I 60 -s&#8221;<\/span><\/strong><\/p>\n<p><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:108\">-I 60 tells dropbear to terminate any connection that is idle for 60 seconds <\/span><\/em><\/p>\n<p><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:108\">-s &#8211; disables password logins.<\/span><\/em><\/p>\n<p><em> For <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"112:6\">more<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"119:5\">options<\/span>, <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"125:8\">see<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"134:3\">man<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"138:8\">dropbear<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"147:1\">8<\/span><\/em><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"718\" height=\"556\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_012.png\" alt=\"\" class=\"wp-image-968\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_012.png 718w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_012-300x232.png 300w\" sizes=\"(max-width: 718px) 85vw, 718px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">To<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"6:9\">assign<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"16:11\">static<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"28:2\">IP<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"31:5\">address<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"36:1\">,<\/span> you <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"38:10\">need<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:9\">register<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"59:3\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"63:1\">in<\/span> the <em><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"74:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"75:3\">etc<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"78:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"79:9\">initramfs<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"88:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"89:5\">tools<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"94:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"95:9\">initramfs<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"104:1\">.<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"105:4\">conf<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"67:5\">file<\/span><\/strong>. <\/em><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"111:2\">IP<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"113:1\">=<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"114:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"115:5\">local<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"120:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"121:2\">ip<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"123:1\">&gt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"124:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"125:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"126:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"127:7\">gateway<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"134:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"135:2\">ip<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"137:1\">&gt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"138:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"139:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"140:6\">subnet<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"146:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"147:4\">mask<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"151:1\">&gt;<\/span> <\/em><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"156:3\">or<\/span><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"161:2\">IP<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"163:1\">=<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"164:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"165:5\">local<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"170:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"171:2\">ip<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"173:1\">&gt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"174:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"175:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"176:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"177:7\">gateway<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"184:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"185:2\">ip<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"187:1\">&gt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"188:1\">:<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"189:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"190:6\">subnet<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"196:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"197:4\">mask<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"201:1\">&gt;<\/span>::<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"202:1\">&lt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"203:9\">interface<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"212:1\">&gt;<\/span><\/em> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"214:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"218:11\">if<\/span> there are <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"242:9\">several<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"230:11\">interfaces<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"251:1\">.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"633\" height=\"238\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_013.png\" alt=\"\" class=\"wp-image-970\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_013.png 633w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_013-300x113.png 300w\" sizes=\"(max-width: 633px) 85vw, 633px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">Now<\/span> you <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"7:5\">need<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"13:7\">enter<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"21:4\">your<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"26:9\">public<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"36:4\">key<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"41:1\">into<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"43:4\">file <em><strong>\/etc\/dropbear\/initramfs\/authorized_keys <\/strong><\/em><\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"47:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:4\">if<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"54:3\">not<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"57:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:13\">generate<\/span> it <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"62:6\">first<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"82:1\">.<\/span> &nbsp;<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"140:5\">After<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"146:8\">making<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"155:9\">changes<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"164:1\">,<\/span> you <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"166:10\">need<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"177:8\">update<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"186:9\">loader<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"195:1\">.<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo update-initramfs -u\n<\/pre><\/div>\n\n<p><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">After<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"6:13\">restarting<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"20:6\">server<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo reboot now\n<\/pre><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">We <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:9\">perform<\/span> an <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"25:3\">ssh<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"10:11\">connection<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"22:2:29:3\">for<\/span> the <strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"46:4\">root<\/span><\/strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"50:1\">,<\/span> and <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"52:5\">immediately<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"58:8\">send<\/span> the cryptroot<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"95:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"96:6\">unlock<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"78:7\">command<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"67:1\">the<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:8\">terminal<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"102:1\">.<\/span> It is <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"105:10\">necessary<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"116:12\">use<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"135:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"136:1\">i<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"129:5\">option<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"138:3\">to<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"142:8\">specify<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"151:4\">path<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"156:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"158:5\">name<\/span> of the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"164:10\">public<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"175:5\">key; I<\/span>&nbsp;have <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"189:2\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"192:13\">pulled<\/span> up <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"206:13\">automatically<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"219:1\">.<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nssh -t root@192.168.10.15 'cryptroot-unlock' \n<\/pre><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">Enter<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"7:6\">password&#8211;&gt;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"15:5\">Enter. If ok, then an SSH session will close automatically.<\/span><\/p>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"845\" height=\"250\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_014.png\" alt=\"\" class=\"wp-image-971\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_014.png 845w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_014-300x89.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_014-768x227.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure>\n\n\n<p style=\"text-align: justify;\">The <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:7\">system<\/span> will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"8:10\">boot<\/span> up<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"18:1\">,<\/span> and <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"20:5\">then<\/span> we <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"26:12\">connect<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"39:1\">with<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"41:6\">key<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"48:2\">by<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"51:18\">username<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:1\">.<\/span><\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"850\" height=\"255\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_015.png\" alt=\"\" class=\"wp-image-973\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_015.png 850w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_015-300x90.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_015-768x230.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:7\">Looking<\/span> at the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"16:5\">disk<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"8:7\">partitions<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"34:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"36:9\">checking<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"46:9\">parameters<\/span> of the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"56:13\">existing<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"70:4\">LUKS<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"75:4\">volume<\/span>.\u00a0<\/p>\n<p><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"1:3\">dev<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"4:1\">\/<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"5:4\">sda3<\/span> <\/strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"10:1\">is<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"12:3\">a<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"16:10\">device<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"27:1\">with<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"29:4\">LUKS<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"34:8\">partition<\/span><\/p>\n<p><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"44:1\">The<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"81:7\">occupied<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"89:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"91:9\">free<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"101:5\">slots<\/span> will <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"64:5\">be<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"70:10\">displayed<\/span> in the <strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"54:3\">Key<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"58:5\">Slots<\/span><\/strong> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"46:7\">section<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"106:1\">.<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nlsblk \nsudo cryptsetup luksDump \/dev\/sda3\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"793\" height=\"971\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016.png\" alt=\"\" class=\"wp-image-974\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016.png 793w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016-245x300.png 245w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016-768x940.png 768w\" sizes=\"(max-width: 793px) 85vw, 793px\" \/><\/figure><\/div>\n\n<p>It&#8217;s time to change the encryption key; for convenience, I specified the key <strong>12345678<\/strong> during installation.<br \/>I generate the actual 256-bit (32-byte) key with the command:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nopenssl rand -hex 32\u00a0\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"769\" height=\"73\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_017.png\" alt=\"\" class=\"wp-image-976\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_017.png 769w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_017-300x28.png 300w\" sizes=\"(max-width: 769px) 85vw, 769px\" \/><\/figure><\/div>\n\n<p>It will issue a key type: 4f9de22c93de069cd483fc674df7f17d8453df23b8687e2305ff7dc16e7e3600<br \/>or<\/p>\n<p>like this, where there are various symbols<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nopenssl rand -base64 32\n<\/pre><\/div>\n\n<p>It will issue a key like: T9rMPN52sU322UcWmcZcWdPouJWpFw1tpAhA6\/KKfmY=<\/p>\n<p>If copying the contents from the terminal to the clipboard causes problems, the key can be saved to a file by adding <em><strong>&gt;\/root\/luks-disk.key<\/strong> <\/em>at the end and immediately protecting the key file with the command:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo chmod 400 \/root\/luks-disk.key\n<\/pre><\/div>\n\n<p>\u00a0<\/p>\n<hr \/>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><span style=\"text-decoration: underline;\"><em><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:5\">Important<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"5:1\">:<\/span><\/strong> <\/em><\/span><\/p>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\"><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"7:3\">When<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"11:8\">transferring<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"20:6\">keys<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"27:1\">with<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"29:10\">different<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"40:9\">characters<\/span>, it is <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"50:5\">better<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"56:12\">use<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:5\">files<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"76:5\">to<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"82:8\">avoid<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"91:7\">problems<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"99:1\">with<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"101:14\">interpretation<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"115:1\">.<\/span> I <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"131:5\">immediately<\/span> write <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"137:3\">it<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"141:9\">down<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"151:1\">in<\/span> <strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"153:7\">KeePass<\/span><\/strong> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"162:5\">so<\/span> it doesn<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"168:2\">&#8216;t<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"120:10\">get<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"171:9\">lost<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"180:1\">.<\/span><\/em><\/p>\n<hr \/>\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">\u00a0<\/p>\n\n\n<p><strong>Adding a new key<\/strong><\/p>\n\n\n\n<p>If the clipboard in the terminal is working fine, then use the command:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup luksAddKey \/dev\/sda3\n<\/pre><\/div>\n\n\n<p>If not, you can read it from the key file.<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup luksAddKey \/dev\/sda3 &lt;\/root\/luks-disk.key\n<\/pre><\/div>\n\n<p><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\">The system will ask you to enter the encryption key; enter the one you installed,\u00a0<em><strong>12345678,\u00a0<\/strong><\/em>and the new key twice.<\/span><\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Checking<\/strong><\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup luksDump \/dev\/sda3\n<\/pre><\/div>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"775\" height=\"1002\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_018.png\" alt=\"\" class=\"wp-image-1027\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_018.png 775w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_018-232x300.png 232w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_018-768x993.png 768w\" sizes=\"(max-width: 775px) 85vw, 775px\" \/><\/figure>\n\n\n<p>Two key slots are already occupied, so it&#8217;s okay.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Deleting the old, simple encryption key<\/strong><\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup luksRemoveKey \/dev\/sda3\n<\/pre><\/div>\n\n<p>and enter the key that needs to be deleted, in our case 12345678.<\/p>\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Checking it out again<\/strong><\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup luksDump \/dev\/sda3\n<\/pre><\/div>\n\n<p>Only one slot is occupied, which means that the deletion was successful.<\/p>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"793\" height=\"971\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016.png\" alt=\"\" class=\"wp-image-974\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016.png 793w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016-245x300.png 245w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_016-768x940.png 768w\" sizes=\"(max-width: 793px) 85vw, 793px\" \/><\/figure>\n\n\n<p>\u00a0<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>You can check the operation with the command:<\/strong><\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup open \/dev\/sda3 my_secure_volume, then enter the password\nor\nsudo cryptsetup open \/dev\/sda3 my_secure_volume --key-file \/root\/luks-disk.key\n<\/pre><\/div>\n\n<p>The system will give an error that the disk has already been mounted, it&#8217;s not a big deal, the new key has been checked.<\/p>\n<p>If the key file is no longer needed, delete it with the command:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nshred -u \/root\/luks-disk.key\n<\/pre><\/div>\n\n<p><br \/><br \/><\/p>\n<hr \/>\n<p><span style=\"text-decoration: underline;\"><em><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:6\">Important<\/span>:<\/strong> <\/em><\/span><\/p>\n<p><em><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"19:9\">Backup<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"29:6\">access<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"35:1\">:<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"37:6\">Always<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"44:10\">leave<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"55:4\">one<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"60:8\">secure<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:4\">key<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"74:3\">or<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"78:6\">password<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"85:2\">in<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"88:6\">case<\/span> of <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"95:4\">failure<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"99:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"102:12\">Security<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"114:1\">:<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"116:3\">When<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"120:13\">using<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"134:8\">key<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"143:6\">files<\/span>, ensure\u00a0<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"165:3\">they<\/span> are <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"169:8\">stored<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"178:1\">in<\/span> a <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"180:10\">safe<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"191:10\">directory<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"201:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"204:5\">PBKDF<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"210:9\">settings<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"219:1\">:<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"221:5\">LUKS2<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"227:10\">uses<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"238:8\">argon2id<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"247:2\">by<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"250:9\">default<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"260:1\">in<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"262:5\">new<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"268:7\">versions<\/span> of <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"276:6\">Ubuntu<\/span>\u00a0<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"284:2\">but<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"287:5\">can<\/span> be <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"293:13\">reconfigured<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"306:1\">.<\/span> That<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"311:2\">&#8216;s<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"314:4\">it. The<\/span>\u00a0<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"324:7\">system<\/span> is <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"332:12\">ready<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"344:1\">.<\/span><\/em><\/p>\n<hr \/>\n<p><strong><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:3\">What<\/span> should I <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"4:6\">do<\/span> to <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"27:9\">increase<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"37:6\">size<\/span> of the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"63:4\">QEMU<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"67:1\">&#8211;<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"68:3\">KVM<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"44:12\">virtual<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"57:5\">disk<\/span>?<\/strong><\/p>\n<p>1. Check the current status of<em>\u00a0<\/em>partitions by using the command\u00a0\u00a0<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nlsblk\nlsblk-e7\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"814\" height=\"221\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_019.png\" alt=\"\" class=\"wp-image-978\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_019.png 814w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_019-300x81.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_019-768x209.png 768w\" sizes=\"(max-width: 814px) 85vw, 814px\" \/><\/figure><\/div>\n\n<p>2. Turn off the virtual machine and run the command in the hypervisor host<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nqemu-img resize \/path\/to\/vm-disk.qcow2 +10G\n<\/pre><\/div>\n\n<p>This will add 10 GB to the VM&#8217;s hard disk file.\u00a0<\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"769\" height=\"57\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_020.png\" alt=\"\" class=\"wp-image-979\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_020.png 769w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_020-300x22.png 300w\" sizes=\"(max-width: 769px) 85vw, 769px\" \/><\/figure><\/div>\n\n<p><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:1\">3<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"1:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"3:9\">Launch<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"13:11\">virtual<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"25:6\">machine<\/span><\/p>\n<p>4<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"34:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"36:12\">Connect<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"49:2\">via<\/span> SSH <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"56:1\">and<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"58:10\">decrypt<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"69:4\">disk<\/span><\/p>\n<p>5<span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"76:1\">.<\/span> We <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"78:12\">connect<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"91:2\">via<\/span> SSH <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"98:1\">to<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"100:7\">system<\/span><\/p>\n<p>6. We check the disk capacity. In the example, the <em><strong>sda<\/strong> <\/em>disk became 20G<\/p>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"701\" height=\"210\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_021.png\" alt=\"\" class=\"wp-image-980\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_021.png 701w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_021-300x90.png 300w\" sizes=\"(max-width: 701px) 85vw, 701px\" \/><\/figure><\/div>\n\n<p>7. Run the program to work with disk partitions with the command<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo parted \/dev\/sda\n<\/pre><\/div>\n\n<p>8. We enter the <em><strong>print<\/strong><\/em> command and say fix the problem; we answer <strong><em>Fix<\/em><\/strong>. We see what has become 20G.<\/p>\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"213\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022-1024x213.png\" alt=\"\" class=\"wp-image-981\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022-1024x213.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022-300x62.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022-768x160.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022-1200x250.png 1200w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_022.png 1455w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure>\n\n\n<p style=\"text-align: justify;\" data-tadv-p=\"keep\">9. We need to increase the size of the<em><strong>\u00a0sda3<\/strong><\/em>\u00a0partition (<em>in our case, it goes under number 3<\/em>), on which the encrypted disk partition is based, giving it all the free space, i.e. <strong>10G<\/strong>, for this, we write the command:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nresize part 3 100%\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"793\" height=\"478\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_023.png\" alt=\"\" class=\"wp-image-982\" style=\"width:630px;height:auto\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_023.png 793w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_023-300x181.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_023-768x463.png 768w\" sizes=\"(max-width: 793px) 85vw, 793px\" \/><\/figure><\/div>\n\n<p>10. Exit the program:\u00a0<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nquit\n<\/pre><\/div>\n\n<p>11. Update the partition table:\u00a0<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo partprobe\n<\/pre><\/div>\n\n<p>12. Expand the LUKS section &#8211;&gt; enter the disk encryption key.<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup resize dm_crypt-0\n<\/pre><\/div>\n\n<p>13. Expanding LVM, first we look at the current state, use commands:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo pvdisplay\nsudo vgdisplay\nsudo lvdisplay\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"781\" height=\"834\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_024.png\" alt=\"\" class=\"wp-image-984\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_024.png 781w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_024-281x300.png 281w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_024-768x820.png 768w\" sizes=\"(max-width: 781px) 85vw, 781px\" \/><\/figure><\/div>\n\n\n<p>14. Expand PV:\u00a0<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo pvresize \/dev\/mapper\/dm_crypt-0\n<\/pre><\/div>\n\n\n<p>15. Expand VL:\u00a0<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo lvextend -l +100%FREE \/dev\/ubuntu-vg\/ubuntu-lv\n<\/pre><\/div>\n\n<p>16. Checking:<\/p>\n\n\n<p><em><strong>sudo pvdisplay<\/strong><\/em><br \/><em><strong>sudo vgdisplay<\/strong><\/em><br \/><em><strong>sudo lvdisplay<\/strong><\/em><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"918\" height=\"855\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_025.png\" alt=\"\" class=\"wp-image-985\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_025.png 918w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_025-300x279.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_025-768x715.png 768w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n\n<p><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"0:2\">17<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"2:1\">.<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"4:9\">Expanding<\/span> the <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"14:8\">file<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"23:7\">system<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"30:1\">,<\/span> <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"34:4\">I<\/span> have <span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"39:4\">ext4<\/span><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"43:1\">:<\/span>\u00a0<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo resize2fs \/dev\/ubuntu-vg\/ubuntu-lv\n<\/pre><\/div>\n\n<p><span class=\"EzKURWReUAB5oZgtQNkl\" data-src-align=\"90:9\">18. Checking:\u00a0<\/span><\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\n\u00a0lsblk -e7 &amp;&amp; df -h\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"774\" height=\"469\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_026.png\" alt=\"\" class=\"wp-image-986\" style=\"width:630px;height:auto\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_026.png 774w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_026-300x182.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_026-768x465.png 768w\" sizes=\"(max-width: 774px) 85vw, 774px\" \/><\/figure><\/div>\n\n<p>Done!<\/p>\n<p>If you&#8217;re interested in benchmarking (performance test) LUKS\/cryptsetup, use the command:<\/p>\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: bash; title: ; notranslate\" title=\"\">\nsudo cryptsetup benchmark\n<\/pre><\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"407\" src=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_031-1024x407.png\" alt=\"\" class=\"wp-image-987\" srcset=\"https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_031-1024x407.png 1024w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_031-300x119.png 300w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_031-768x306.png 768w, https:\/\/itgen.itbumper.com\/wp-content\/uploads\/2025\/02\/crypto_031.png 1126w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/figure><\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>The best way to secure your data using LUKS is to deploy a new OS.&nbsp; I used Ubuntu Server 22.04 because 24.04 crashed when encrypting a LUKS partition step.&nbsp; I will describe in full one of the installation options that I use. The first thing we will see is a window with a suggestion for &hellip; <a href=\"https:\/\/itgen.itbumper.com\/?page_id=956\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;0038_Ubuntu Server 22.04 LTS with remote LUKS Unlock&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"categories":[],"tags":[],"_links":{"self":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/956"}],"collection":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=956"}],"version-history":[{"count":16,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/956\/revisions"}],"predecessor-version":[{"id":1031,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/956\/revisions\/1031"}],"wp:attachment":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}