I'm starting a media server/NAS build (http://pcpartpicker.com/user/TD22057/saved/3nEV) and want to use full disk encryption on my data drives (not the system). I'd like to store the keyfiles on an external USB drive that I insert before the server boots and then remove when it's finished. My goal is to prevent access to the data if the server is stolen.
I'm planning on using a SnapRAID setup and found this tutorial which goes through how to encrypt the drives before installing SnapRAID but it uses a local keyfile. I also found this tutorial for ArchLinux which seems to do what I want and includes modifications to /etc/rc.d/functions/ to auto mount a USB drive, mount the encrypted drives, and unmount the USB drive.
Has anyone tried something like this for Ubuntu? I'm assuming the ArchLinux steps will work (server parts are arriving tomorrow) but if anyone has a different/better way to do this I'd love to hear it.
Thanks!
Bookmarks