Received: from mail-io1-f49.google.com (mail-io1-f49.google.com [209.85.166.49])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 70D1E782B1D
	for <~alpine/users@lists.alpinelinux.org>; Fri, 10 Jan 2020 21:38:58 +0000 (UTC)
Received: by mail-io1-f49.google.com with SMTP id d15so3667979iog.3
        for <~alpine/users@lists.alpinelinux.org>; Fri, 10 Jan 2020 13:38:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=DQ6KkLkOT9GeHTXcXz4wzOYWX3WIKrlEOkiwLGKKjnQ=;
        b=B07GmF+olZWTlJd1uUMc8JNB1lubeLxhaK3qgpvB3fDvAQtzpPfhxX7SrvYm9pVKRE
         REbSxaKoRnJ3uplL0UC/askNCNB12vZdnKRf8FcP64a6W1r8lD3YNW56yYTi1OR6li8O
         5cNyz97sC8tmxTOhweVp5uzPYjZu4e0dT4OVRS36Ho62Ox3hYJv13EdqInexUgjerY0K
         qq3nPXCZl8yGgcH9zL7o31+7pd0CkS3oUT+goB/Hr1d9RgemmbBNo+i61IhBD0e9Lzdx
         +HgpO9rxsk32bma/YA4643Vw6HdrThmPtXZK7r5px2Q2yJmkMt78gBaPHgJ0zh4VrNh+
         bNaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=DQ6KkLkOT9GeHTXcXz4wzOYWX3WIKrlEOkiwLGKKjnQ=;
        b=Qo7GQDNfFKtFKr6NlFcjCdrs1kL4o9IBtRQ633VG8MwnPkMF5QuxK+27Oydajz9GyP
         4Vw3tsAk3vrZKVFonhDShn1z5I8FsTKNl3Hbo91jhcA05P8D9g8/zsYagXJhUEXgoNDy
         yk2eoFIbyFy2zf61T3s6ckY2bep83LgMEycwDerKvcqWnAhxsSkeFs7feSp5cO9lGysL
         /23DWlm2Qpp4JHfrkSCoc0vl+6Br5uQoVmwLq/8WWgzKaGo4CkdamDzqCKMiZMQnM8iR
         Grju8u/9sU5A4IpUuLnuPWjbH5SW9A9NDgAnQ33cg2zqSnt+ZsQfIhgKmizactDAcoFI
         8ftQ==
X-Gm-Message-State: APjAAAWgBTOyO+iPRiAb8FXREVc2bvdH6GNB0M/P4BHue5AoniiE2+Al
	mzzOCHBkco5cum3wj4SM6hJkLMK9w2EBvuJouC+2fupJ
X-Google-Smtp-Source: APXvYqx6Jc9ctGxqZt/dN7rSqAdhOg11bKvemjIGuiTH6JeGwLr//zRUyOSIys9EkoCFeFHK8DlvLazzqiNwKiZ+src=
X-Received: by 2002:a5d:8f17:: with SMTP id f23mr4311979iof.265.1578692336787;
 Fri, 10 Jan 2020 13:38:56 -0800 (PST)
MIME-Version: 1.0
References: <CAFosHnHD90XOnV=T7L7Y1UmVusk9DmeyROnuLHquMPtoRXeOVQ@mail.gmail.com>
 <20200109075809.GA20690@marco.lxc>
In-Reply-To: <20200109075809.GA20690@marco.lxc>
From: James Chase <mr.jdchase@gmail.com>
Date: Fri, 10 Jan 2020 16:38:45 -0500
Message-ID: <CAFosHnGOBBakm=oAa8Un40cirzWtYH-mgKnEjSi_-p20eWCD-A@mail.gmail.com>
Subject: Re: Decrypt LVM containing primary OS from USB on boot
To: Marco Dickert <marco@misterunknown.de>
Cc: ~alpine/users@lists.alpinelinux.org
Content-Type: text/plain; charset="UTF-8"

> I don't use a crypted setup, but found this [1] page which describes
> what you want to achieve, at least as far as I understand. This may
> help you.

Thanks! This was definitely a step in the right direction. It looks like
there may be some differences in the kernel parameters from Arch to
Alpine, although I'm not sure. I tried:

/etc/update-extlinux.conf
default_kernel_opts="nomodeset rootfstype=ext4
cryptdevice=UUID=*uuid*:lvmcrypt cryptkey=/dev/sdd1:vfat:/secretkey
cryptroot=UUID
=*uuid* cryptdm=lvmcrypt"

And several variations. Nothing appears to be working or really even
changing at all. I can see /dev/sdd1 gets recognized before it asks
for a PW to log in, so at least the USB modules appear to be loading
correctly. Arch docs have no mention of "cryptroot" or "cryptdm" as
far as I can tell, whereas Alpine docs do. Alpine docs make no mention
of "cryptdevice" either. Either I'm screwing up the config or there
may be different params for the two OS's. I guess another possibility
is going to be to put a key on a raw block device then put a shell
script in initramfs, but I'd rather avoid that if possible. Thanks for
the help, I'll keep trying stuff.