[ale] Filesystem encryption
Derek Atkins
warlord at MIT.EDU
Thu Oct 14 11:27:05 EDT 2010
"Michael H. Warfield" <mhw at WittsEnd.com> writes:
> If it's a Linux system, it's a very high probability that it's LUKS
> (Linux Unified Key System). A number of distros, including Fedora and
> Redhat, support LUKS encryption at install time. Installing a system
> and then converting it to an encrypted file system (of ANY TYPE) is a
> monumental PITA that I would find it hard to believe that you've run
> into it by chance. Both crypto-loop and aes-loop suffer from this and
Actually, PGP Whole Disk Encryption for Linux can take an existing
unencrypted system and encrypt the whole disk (including /boot and /) in
place. So it's certainly possible to convert an existing disk. However
it might not be possible to convert it to a LUKS-based system.
But yes, it does require you to authenticate the disk at boot time,
either with a password or with a USB token.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the Ale
mailing list