Peter Kirk wrote: > To make my system-data totally robbery safe: > I'd like to put a loopback-crypto with reiserfs on all my partitions except > /boot (so on /, /usr, /home etc.). The encryption I wish to use is the aes > (the winner of that competition). > > This is my little dream: > After starting my computer, running lilo and selecting my kernel (lying on > /boot the kernel can be read) a initial ramdisk is loaded...containing > losetup, mount and a script I will write. This script will ask for the > password to decrypt the partitions, and will then mount all my partitions > with this passoword, meaning I enter _one_ password _once_. When the > partitions are mounted (to /mnt and sub) I chroot into my new system and > continue booting. Since with swap it doesnt seem to be possible to encrypt > it, I am planning on not using a swap partition at all. Loop-AES does all of that, including encrypted swap (by adding loop=/dev/loop6,encryption=AES128 options to swap entries of your /etc/fstab file). It even includes a configurable script to create a complete fully-working initrd for you. Just follow instructions in the README file and you have encrypted-everything-except-/boot system. You can find latest version here: http://mail.nl.linux.org/linux-crypto/2002-06/msg00038.html or http://marc.theaimsgroup.com/?l=linux-crypto&m=102433721500760&w=2 Regards, Jari Ruusu <jari.ruusu@pp.inet.fi> - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
