Page 6 of 6 FirstFirst ... 456
Results 51 to 57 of 57

Thread: Manual Full System Encryption has been updated and simplified

  1. #51
    Join Date
    Jun 2007
    Location
    Galle District
    Beans
    3,026
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Thanks Paddy: I will give it another try as soon as I get a chance.

  2. #52
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    4,516
    Distro
    Lubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Quote Originally Posted by archphoenix View Post
    Then i fail to understand why one would copy a file from etc to itself, as the source of the copy is already there.
    I hadn't noticed that. I didn't write the script; I got it from someone else who understands this way, way more than I do!

    I'm going to test this to find out if it's a redundant line. I'll post back here once I have the results.
    Full system encryption with dual-boot (beta) —— Full Circle Magazine —— Problems with WINE?
    In my day, we had the outdoors in which to run, play, and socialise. Now people use computers for that.

  3. #53
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    4,516
    Distro
    Lubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Quote Originally Posted by Paddy Landau View Post
    I'm going to test this to find out if it's a redundant line.
    I don't pretend to understand it, but the line is required. Without it, the system is unable to get past the cryptsetup screen. So, leave it in.
    Full system encryption with dual-boot (beta) —— Full Circle Magazine —— Problems with WINE?
    In my day, we had the outdoors in which to run, play, and socialise. Now people use computers for that.

  4. #54
    Join Date
    Sep 2018
    Beans
    8

    Re: Manual Full System Encryption has been updated and simplified

    Hello, it looks like indeed the encryption key is copied to initramfs, meaning we're basically leaving the keys under the "welcome" carpet when leaving home.
    https://www.pavelkogan.com/
    Don’t forget that since the keyfile is stored on the ramdisk
    unless initramfs is encrypted, is it ?

    You may also want to use /etc/kernel/postinst.d/ scripts to reduce your script's dependency on other tools.
    Last edited by archphoenix; 5 Days Ago at 12:00 PM.

  5. #55
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    4,516
    Distro
    Lubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Quote Originally Posted by archphoenix View Post
    … it looks like indeed the encryption key is copied to initramfs
    I think that this is only temporarily on the RAM disk, not on permanent disk. On my test machine, I searched the entire hard drive (including the ESP) for a copy of crypt.system, and it was only in its correct place. Unless you show me otherwise, I'm treating this as a false alarm. But, I shall run another test in case I missed something.

    Quote Originally Posted by archphoenix View Post
    You may also want to use /etc/kernel/postinst.d/ scripts to reduce your script's dependency on other tools.
    I haven't come across this folder before. Could you tell me more about it, and how you envisage my using it, please? Remember that I'm no expert, and I've simply put together what others have created. I suspect that you would like zz-update-grub to contain the update process — if that would work, it would be a far better workaround than I currently have in place.
    Full system encryption with dual-boot (beta) —— Full Circle Magazine —— Problems with WINE?
    In my day, we had the outdoors in which to run, play, and socialise. Now people use computers for that.

  6. #56
    Join Date
    Jun 2007
    Location
    Galle District
    Beans
    3,026
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Paddy: Thanks, very useful.
    Installation to Full install flash drive went smoothly, once I gave up trying to install from desktop and used a Live USB instead.
    Also want to encrypt the usbdata partition, (NTFS), which is importantish on a portable drive.
    The more computers a portable drive can boot the better.
    Any plans to include BIOS systems?
    Home encryption seemed to work OK, BIOS and UEFI, with a traditional install.
    I tried Sudodus' basic mkusb setup, which usually works for both.
    It worked for booting an unencrypted install on one partition on a BIOS system and booting the encrypted OS on a different partition with UEFI.
    As you warned encryption did not work on a BIOS boot.
    Last edited by C.S.Cameron; 3 Days Ago at 03:40 AM.

  7. #57
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    4,516
    Distro
    Lubuntu 16.04 Xenial Xerus

    Re: Manual Full System Encryption has been updated and simplified

    Quote Originally Posted by C.S.Cameron View Post
    Installation to Full install flash drive went smoothly, once I gave up trying to install from desktop and used a Live USB instead.
    That's interesting. I don't know enough to comment on this, though.
    Quote Originally Posted by C.S.Cameron View Post
    Also want to encrypt the usbdata partition, (NTFS), which is importantish on a portable drive.
    You can overwrite the existing NTFS with a LUKS partition, and decrypt it after booting. It is possible to automate the decryption by adding it to /etc/crypttab and using a file-based key, which you might name (say) /etc/crypt.ntfs. You'd need to use the UUID instead of the partition name (e.g. /dev/sdb2), as that could change from computer to computer.
    Quote Originally Posted by C.S.Cameron View Post
    Any plans to include BIOS systems?
    I wouldn't know how to do this, sorry! I guess that the information is out there somewhere.

    Thank you for sharing your results.
    Full system encryption with dual-boot (beta) —— Full Circle Magazine —— Problems with WINE?
    In my day, we had the outdoors in which to run, play, and socialise. Now people use computers for that.

Page 6 of 6 FirstFirst ... 456

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •