From 3bd795bc5736a81adc586da80c67107dd8f64384 Mon Sep 17 00:00:00 2001 From: Fabio Natali Date: Sat, 2 Mar 2024 10:25:52 +0000 Subject: [PATCH] doc: Fix section on LUKS support. Only LUKS1 is supported in Guix at the time of this commit. Contrarily to what reported in previous versions of this section, LUKS2 is not supported. * doc/guix.texi (Keyboard Layout, Networking, and Partitioning)[Disk Partitioning]: Fix section on LUKS support. Signed-off-by: Christopher Baines Change-Id: Ia670963178810174d3ea4585c537defbaaeb0f25 --- doc/guix.texi | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 858d5751bf..796ac0028f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -2728,20 +2728,20 @@ the Cryptsetup/LUKS utilities to do that (see @inlinefmtifelse{html, @code{man cryptsetup}} for more information). @quotation Warning -Note that GRUB can unlock LUKS2 devices since version 2.06, but only -supports the PBKDF2 key derivation function, which is not the default -for @command{cryptsetup luksFormat}. You can check which key derivation -function is being used by a device by running @command{cryptsetup -luksDump @var{device}}, and looking for the PBKDF field of your -keyslots. +While efforts are in progress to extend support to LUKS2, please note +that Guix only supports devices of type LUKS1 at the moment. You can +verify that your existing LUKS device is of the right type by running +@command{cryptsetup luksDump @var{device}}. Alternatively, you can +create a new LUKS1 device with @command{cryptsetup luksFormat --type +luks1 @var{device}}. @end quotation Assuming you want to store the root partition on @file{/dev/sda2}, the -command sequence to format it as a LUKS2 partition would be along these +command sequence to format it as a LUKS1 partition would be along these lines: @example -cryptsetup luksFormat --type luks2 --pbkdf pbkdf2 /dev/sda2 +cryptsetup luksFormat --type luks1 /dev/sda2 cryptsetup open /dev/sda2 my-partition mkfs.ext4 -L my-root /dev/mapper/my-partition @end example