• Automount RAID with VeraCrypt


    Goal: to create RAID1 and encrypt it using VeraCrypt (so if one drive fails, I can connect it to any OS with VC installed and access my data). Then make sure that VC volume (which is on RAID1) gets decrypted/automounted during startup of antergos. So I guess steps are the following:

    1. Create RAID1 volume (/dev/md0).
    2. Encrypt RAID1 volume.
    3. Automount /dev/md0 which is encrypted using VeraCrypt at /mnt/raid1 (or whatever name).
    4. Decrypt and automount /mnt/raid1 at /mnt/decrypted_volume (or whatever name).

    I created RAID1 from sda/sdb using mdadm and enabled automount in fstab:

    UUID=xxx /mnt/raid1 ext4 defaults 0 0
    

    Works well. However, now I need to encrypt whole RAID volume using VeraCrypt. I can see/select /dev/md0 in VeraCrypt and encrypt it. However, once I do so and reboot, system fails to start and I’m dropped into maintenance mode. The only way to boot system again - remove that line from fstab.

    Unfortunately, even if system starts, I can’t mount encrypted RAID. Doing mount /dev/md0 /mnt/raid1 returns errors wrong fs type, bad option, bad superblock

    I guess it happens because VeraCrypt changes whole filesystem at /dev/md0 from ext4 to its own encrypted volume, while fstab and mdadm.com are still set to use ext4. What can I do now to achieve my goal?

    If some of my initial steps are wrong, please also let me know.

  • I somehow got VC to work without mounting RAID at all, and would love to hear experts’ opinions. This is what I did after RAID volume was created and encrypted.

    1. Created /mnt/veracrypt-raid1 directory
    2. Created key file with VC password (which I used to encrypt whole RAID1 volume) at /etc/veracrypt.key
    3. Added this line to /etc/crypttab
    veracrypt-raid1 /dev/md0 /etc/veracrypt.key tcrypt-veracrypt
    
    1. Added this line to /etc/fstab
    /dev/mapper/veracrypt-raid1 /mnt/veracrypt-raid1 ext4 defaults 0 0
    

    Rebooted system several times to ensure everything works. blkid displays /dev/mapper/veracrypt-raid1: UUID=“xxx” TYPE=“ext4” now and I can also enter /mnt/veracrypt-raid1

    Then I entered Dolphin and added /mnt/veracrypt-raid1 as a new Place called Data. With this in mind, I hope that every time I add some file to Data, it will be automatically encrypted and mirrored.

    Since this is my very first Linux experience, I would appreciate your comments and fixes (if any).

  • you are inside deep-space with all this encryption and Raid and LVM, as most Desktop users do not mind about this things so much 😉

    But you are diving very nice so far, may some users using this can give some hints.

    [updates once a week] = [90% less problems]
    antergos:_rescue
    how to add system logs:
    wget http://bit.ly/2GCG9k2 && sh 2GCG9k2
    :handshake: donate antergos

raid5 veracrypt3 automount2 Posts 3Views 137
Log in to reply
Bloom Email Optin Plugin

Looks like your connection to Antergos Community Forum was lost, please wait while we try to reconnect.