Hi!
An error in lilo.conf caused the kernel panic I wrote about earlier, thanks for the help.
Soon I also want to do what Jari described at http://www.spinics.net/lists/crypto/msg01063.html. Could you, Jari, make this patch available at sourceforge with your signature, possibly with a small README (you could copy most things from the URL mentioned above), also telling how to apply the patch?
Recently I asked about howtos or best practices for allowing root encryption and plausibe deniability for protecting e.g. against
"lead-pipe" attackers or a provisional court order (which later could be
sentenced as unlawful). Unfortunately there were no comment on that yet (Jari also didn't comment this).
Alan commented my second related question:
the best plausible denial would be a system where you never knew the key used for swap. it was generated by the machine and handled by the machine. You can't rubber hose what someone does not know. (Though these days they still try...)
However, lead-pipe dudes (or legal enforcement dudes) would probably wonder why someone has 2 swap partitions, one of them totally oversized and not in use.
Isn't is possible to disguise real root as an unformatted or "Gutmann" formatted partition (so that you could argue that the data on it is just random crap)?
Thanks,
Christian
- Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
