Rebooting a LUKS Encrypted System Without Typing The Passphrase: https://mckinley.cc/blog/20230526.html
@movq@www.uninformativ.de I get it. I wouldn’t set this up for anyone else. Systems that are on all the time don’t benefit as much from at-rest encryption, anyway. This is definitely an interesting solution, however, and it has worked well for me in the past 1-2 weeks. We’ll see how it goes in 1-2 years.
@movq@www.uninformativ.de I reworked the paragraph about security and improved that sentence. Hopefully it’s a little more clear.
However, the key on the unencrypted partition is only valid for the time it takes to reboot, assuming we reboot as soon as the script completes.