-
Junior Member
registered user
Encrypted File Systems
Currently i can encrypt my floppies, but what i would like to do is install knoppix onto my spare 4gb hdd with an encrypted swap and root. i kno u can do this with gentoo, using knoppix for help but is there anyway to just be able to do this with knoppix? ive been using AES so its built into knoppix.
thank you for any help 
-
Senior Member
registered user
having the swap encrypted is not a big issue, something like the following
losetup -e AES128 /dev/loop0 /dev/hdax(your swap)
swapon /dev/loop0
This may not be the exact sequence but I read it some where
As for the root, I am curious as it is on CD so how can it be encrypted ? Or if you mean not booting from CD, I believe a scheme like the above would work, however you need at least 2 partition(not counting the swap), one is used to store the kernel image and initrd and in your linuxrc script, do something similar as the above for the root partition.
I haven't figured out a way to properly protected kernel image and initrd, just in case NSA slip in my door to replace those two which would break all encryption 
-
Senior Member
registered user
I plan on booting from CD and trying this. However, with regards to a hard drive install, couldn't you put the kernel image and initrd on a CD and boot from that? That could keep someone from altering / replacing them. Still ties up a cd drive. A large enough thumb drive could work as well, if you could ensure that it is only mounted as read only through initrd.
Anybody have any thoughts about this? It would be nice to build a secure workstation in this manner...
-
Senior Member
registered user
putting the kernel and initrd on a CD/floppy/thumb drive should do the trick as I can carry it with me to reduce the chance of altered looback driver.
For those who want even more security, have the kernel and initrd encrypted with a secondary password and decrypt them before using so even if somone replace the CD while I am sleeping, I would notice that at the first gate entrance without handing out the main password 
BTW, the CD-ROM won't be tied up as the kernel and initrd are into memory and the device would be freed.
-
Junior Member
registered user
any possibility of scripts being made here for this solution ? i have no clues about the boot process as such but would be nice to have some working version
Similar Threads
-
By Mr_White in forum MS Windows & New to Linux
Replies: 2
Last Post: 03-25-2005, 01:26 AM
-
By Oxyacetylene in forum Customising & Remastering
Replies: 4
Last Post: 03-18-2005, 08:26 PM
-
By Reven in forum Hdd Install / Debian / Apt
Replies: 8
Last Post: 11-12-2004, 08:13 AM
-
By aallenaia in forum General Support
Replies: 1
Last Post: 10-26-2004, 04:05 AM
-
Replies: 0
Last Post: 07-25-2003, 04:04 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Juniper EX3300-48P 48 Port PoE+ Gigabit Switch - Same Day Shipping
$249.99
Juniper EX2300-24P PoE+ 24-Port 1GbE 4-Port SFP+ Switch TESTED
$124.99
Juniper QFX5200-32C-AFO QFX5200 32 port 100 Gigabit QSFP28 Switch
$545.00
Juniper EX4300-48T 48 Port Gigabit 4 QSFP 40G Dual PSU AFO w/EX-UM-4X4SFP Module
$99.00
Juniper Networks MX150 Universal Router with 8x 1G 2x SFP 2x SFP+ Ports
$450.00
Juniper EX2300-48MP EX2300 48 Port Gigabit PoE+ (12 Ports 1/2.5G) 6 SFP 10G
$487.99
Juniper QFX5100-48S-AFI 48x SFP+/SFP 6x QSFP QFX5100 Switch+4 Post KIT-Rails
$355.00
Juniper QFX5110-32Q-AFI 32 QSFP+/20 QSFP+ QSFP28, back-to-front AC
$550.00
Juniper SRX345 Firewall SRX345-SYS-JB Services Gateway 8 x GbE SFP
$319.99
Juniper NFX250-S2 10-Port GbE & 2-Port SFP+ Layer 2 Network Services Platform
$254.99
Reply With Quote