Full Disk Encryption: Difference between revisions
Juangiordana (talk | contribs) Added `mode = "0600";`, otherwise the content of the file is world readable. |
|||
| Line 257: | Line 257: | ||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
{ | { | ||
environment.etc.crypttab = { | |||
mode = "0600"; | |||
text = '' | |||
# <volume-name> <encrypted-device> <key-file> [options] | |||
cryptstorage UUID=UUID-OF-SDB /root/mykeyfile.key | |||
''; | |||
}; | |||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> | ||