[TUTORIAL] Adding Full Disk Encryption to Proxmox

I'm just doing this again on another server and after the preparing to copy stage I noticed that when doing 'df -h' it shows a few missing GB in several places.

Code: 
Filesystem                 Size  Used Avail Use% Mounted on
tmpfs                      3.2G  2.4M  3.2G   1% /run
efivarfs                   320K   74K  242K  24% /sys/firmware/efi/efivars
/dev/sda1                   29G  5.8G   23G  21% /cdrom
/cow                        16G  561M   16G   4% /
tmpfs                       16G  8.0K   16G   1% /dev/shm
tmpfs                      5.0M  8.0K  5.0M   1% /run/lock
tmpfs                       16G     0   16G   0% /tmp
tmpfs                      3.2G  168K  3.2G   1% /run/user/1000
tmpfs                      3.2G   84K  3.2G   1% /run/user/0
/dev/mapper/pve--new-root   30G   28K   28G   1% /mnt/new
/dev/nvme0n1p2             672M   28K  623M   1% /mnt/new/boot
/dev/nvme0n1p1             197M   512  197M   1% /mnt/new/boot/efi
/dev/mapper/pve-root        59G   16G   40G  28% /mnt/old
/dev/nvme1n1p2            1022M   12M 1011M   2% /mnt/old/boot/efi

As you can see, on /dev/mapper/pve--new-root/ there's only 28K used but only 28G is available out of 30G, so there's 2GB unaccounted for there. On /dev/nvme0n1p2 it's 49MB, and on /dev/mapper/pve-root it's 3GB.
 
I found the solution to the problem with dropbear not working.

If dropbear.conf has

DROPBEAR_OPTIONS="-s -c cryptroot-unlock"

it prompts for the password but then gives a timeout error without sending any input to cryptsetup, and when I close the session it then sends something, but it's obviously not what I've typed because cryptsetup gives a "wrong password" error.

If I remove "-c cryptroot-unlock" from dropbear.conf, so it doesn't run that command automatically, and update-initramfs, I can type cryptroot-unlock manually after I connect and then when I enter the password it works fine.
 
Just used this brilliant guide again to set up my second proxmox server this way and I just wanted to say thank you again.
Such a well-written and easy to follow guide. Much appreciated and I wish you a fantastic life!

P.S.: If you are unsure of your network interface name (mine likes to change between reboots), simply don't specify it.
Use the following format in /etc/default/grub: ip=<ipaddr>::<gatewayaddr>:<subnetmask>:<hostname> - That works like a charm for me!
 
Last edited:
  • Like
Reactions: waltar
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back