zfsUnlocker
ramroot
zfsUnlocker | ramroot | |
---|---|---|
2 | 5 | |
20 | 254 | |
- | - | |
7.6 | 0.0 | |
10 days ago | over 1 year ago | |
Shell | Shell | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zfsUnlocker
-
How do I configure the refind.conf and refind_linux.conf (and or config.yaml (for ZFSBootMenu)) files properly when installing Arch Linux with ZFS Native Encryption?
Personally I hate keyfiles and any form of zfs unlocking automation which stores things locally (I suppose TPM cryptography is a good exception). While I use a traditional EFI /boot with systemd-boot (bootctl) I made this initramfs hook so that my machines can dynamically unlock themselves from my vault cluster with a revokable token. Not quite the same approach and if there's no networking a machine could get caught dead in the water for booting back to a password prompt, but it's good enough right now that I use it on everything.
-
What would be the best way to set up an encrypted dataset that uses a keyfile and that automatically will lock/unlock itself depending on if the keyfile is available?
This is my Vault solution for an mkinitcpio-powered initramfs. I use it on my router as well which is a zfs root Arch install handling a good 20 static routes with a stateful firewall.
ramroot
-
Arch Linux done right
Now I can use ramroot and run the whole OS on RAM.
-
Linux install to a USB
Anyway, I wrote and maintain a guide to make this setup: https://mags.zone/help/arch-usb.html. I also made a package to optionally load everything to RAM during boot: https://github.com/arcmags/ramroot.
-
Tips on: Arch linux on usb as a daily driver
I wrote a tool to load root entirely into RAM on Arch. It checks available RAM and prompts on boot.
- How to make rescue/recovery partition that copies into RAM (live cd)?
-
USB stick longevity as a boot drive
You could also use the Arch Linux guide above and install Arch Linux on the USB drive, making sure the boot and root partition sizes are less than the amount of ram in the machine you are booting on. Then install ramroot which will load up your system into ram on boot. This will mean the system runs off ram and not USB. If you need to make changes, install applications or update, you could boot it normally so it runs off USB as any changes won't be saved if it is booted into ram. If your home folder is on another partition on the USB, I don't think that is loaded into ram on boot so you can still save files to it and any personalisations should also be kept between boots.
What are some alternatives?
yubikey-full-disk-encryption - Use YubiKey to unlock a LUKS partition
wireguard-initramfs - Use dropbear over wireguard.
efifs - EFI FileSystem drivers
zfsbootmenu - ZFS Bootloader for root-on-ZFS systems with support for snapshots and native full disk encryption
Archboot - Archboot is a most advanced, modular Arch Linux boot/install image creation utility to generate bootable media for CD/USB/PXE, designed for installation or rescue operation.
dracut - dracut the event driven initramfs infrastructure
zram-init - A wrapper script for the zram linux kernel module with zsh and openrc support
usb-samplerate-unlocker - USB (HAL) Audio Class drivers on Android have a limiter of sample rates at 96kHz. This magisk module unlocks the limiter.
auto-zram - Automatically configure zram as swap on a machine, using sensible defaults, with the ability to tweak it to your needs.