use USB flash as decryption key

ulic-youthlic 2025-01-19 23:15:32 +08:00
parent 1e412e52b4
commit 9ba9b660c2
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
2 changed files with 5 additions and 2 deletions


@ -30,7 +30,9 @@
settings = { settings = {
allowDiscards = true; allowDiscards = true;
fallbackToPassword = true; fallbackToPassword = true;
keyFile = "/dev/disk/by-label/LUKS_DECR";
keyFileSize = 512 * 64;
keyFileOffset = 512 * 128;
}; };
initrdUnlock = true; initrdUnlock = true;
extraFormatArgs = [ extraFormatArgs = [
@ -39,6 +41,7 @@
"--hash sha512" "--hash sha512"
"--iter-time 5000" "--iter-time 5000"
"--pbkdf argon2id" "--pbkdf argon2id"
"--key-size 256"
"--use-random" "--use-random"
]; ];
extraOpenArgs = [ extraOpenArgs = [
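Review bot: The `keyFile` added in the first hunk reads 32 KiB of raw sectors at a 64 KiB offset from whichever block device carries the label `LUKS_DECR`, and nothing on the page records how that region was provisioned. A `by-label` path implies a labelled filesystem or similar superblock on the device, so that range may hold filesystem metadata or data, which could be low-entropy and could change on a later write, invalidating the keyslot. The region should be filled with random data and kept outside anything that gets written. If disko formats the volume with this key file, `fallbackToPassword = true` only helps once a passphrase keyslot has been enrolled separately, which is not visible here. I would add a comment above `keyFile`, e.g. `# raw key: sectors 128-191 of the LUKS_DECR device, random-filled, not covered by a filesystem; passphrase keyslot enrolled separately`; the enclosing LUKS attribute set continues outside the hunk.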


@ -8,7 +8,7 @@
[ (modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
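Review bot: The two modules added to `boot.initrd.availableKernelModules` are presumably there to make the USB key device visible in the initrd, yet they are edited into what looks like the `nixos-generate-config` output (it imports `not-detected.nix`). Regenerating that file would presumably drop them, and boot would then quietly fall back to the passphrase prompt. Declaring them next to the LUKS settings keeps the dependency in one place, since the option is a list and merges across modules: `boot.initrd.availableKernelModules = [ "usb_storage" "sd_mod" ];`. A one-line comment there saying they are needed for the `LUKS_DECR` key device would help the next reader.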