-
Junior Member
registered user
Encrypted File Systems
Currently i can encrypt my floppies, but what i would like to do is install knoppix onto my spare 4gb hdd with an encrypted swap and root. i kno u can do this with gentoo, using knoppix for help but is there anyway to just be able to do this with knoppix? ive been using AES so its built into knoppix.
thank you for any help
-
Senior Member
registered user
having the swap encrypted is not a big issue, something like the following
losetup -e AES128 /dev/loop0 /dev/hdax(your swap)
swapon /dev/loop0
This may not be the exact sequence but I read it some where
As for the root, I am curious as it is on CD so how can it be encrypted ? Or if you mean not booting from CD, I believe a scheme like the above would work, however you need at least 2 partition(not counting the swap), one is used to store the kernel image and initrd and in your linuxrc script, do something similar as the above for the root partition.
I haven't figured out a way to properly protected kernel image and initrd, just in case NSA slip in my door to replace those two which would break all encryption
-
Senior Member
registered user
I plan on booting from CD and trying this. However, with regards to a hard drive install, couldn't you put the kernel image and initrd on a CD and boot from that? That could keep someone from altering / replacing them. Still ties up a cd drive. A large enough thumb drive could work as well, if you could ensure that it is only mounted as read only through initrd.
Anybody have any thoughts about this? It would be nice to build a secure workstation in this manner...
-
Senior Member
registered user
putting the kernel and initrd on a CD/floppy/thumb drive should do the trick as I can carry it with me to reduce the chance of altered looback driver.
For those who want even more security, have the kernel and initrd encrypted with a secondary password and decrypt them before using so even if somone replace the CD while I am sleeping, I would notice that at the first gate entrance without handing out the main password
BTW, the CD-ROM won't be tied up as the kernel and initrd are into memory and the device would be freed.
-
Junior Member
registered user
any possibility of scripts being made here for this solution ? i have no clues about the boot process as such but would be nice to have some working version
Similar Threads
-
By Mr_White in forum MS Windows & New to Linux
Replies: 2
Last Post: 03-25-2005, 01:26 AM
-
By Oxyacetylene in forum Customising & Remastering
Replies: 4
Last Post: 03-18-2005, 08:26 PM
-
By Reven in forum Hdd Install / Debian / Apt
Replies: 8
Last Post: 11-12-2004, 08:13 AM
-
By aallenaia in forum General Support
Replies: 1
Last Post: 10-26-2004, 04:05 AM
-
Replies: 0
Last Post: 07-25-2003, 04:04 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
SEAGATE ST6000NM0034 6TB 7.2K SAS 3.5" HDD HARD DRIVE
$99.00
12TB 7200RPM 256MB Cache SATA 6.0Gb/s 3.5" Internal NAS Hard Drive - 0753F0
$99.95
Certified Refurbished 5TB WD Elements Portable Hard Drive - RWDBU6Y0050BBK-WESN
$89.99
Certified Refurbished 2TB WD Elements Portable Hard Drive - RWDBU6Y0020BBK-WESN
$49.99
HGST Ultrastar HUH728080ALE604 (0F23668) 8TB 7200RPM SATA 6Gb/s 3.5" Hard Drive
$79.99
HGST 4TB 64MB Cache 7200RPM SATA 6.0Gb/s 3.5" Internal Enterprise Hard Drive
$49.99
HGST HUA723030ALA640 3TB SATA RPM 7200RPM P/N 0F14044 3.5'' Hard Drive
$19.95
ST4000NM0034 SEAGATE 4TB 7.2K 12G LFF 3.5" SAS 512E ENTERPRISE HARD DRIVE
$49.99
NEW Dell T2YHT 0T2YHT 12TB 7.2K 6Gb/s SATA 3.5" Hard Drive HUH721212ALE600 0 HRS
$139.99
External Hard Disk Drive HDD USB 3.0 1TB/2TB/4TB Portable External HDD PN
$19.99