Am looking at this for Fedora 15 Three existing encrypted partitions. all on /dev/vda /dev/vda2 (/vda3,vda4) all on an lvm /dev/vda1 = /boot not luks. This is a KVM guest. with a 31gb raw storage format, using KVM Virt-manager to connect if DE is required. Using seriel console, I'm finding it a pain to keep entering luks p\w. Can your article be used with an existing /dev/mapper device(s) I'm guessing I would put the keyfile on /boot. As any hacker would still need to unlock the "host box"