Hi! I just saw what your talking about. Well, to say it in short: If you do what Jari wrote, you will get what you were asking for:-) I was begging for the same some weeks ago. Using loop-aes there remains no partition table or boot code on the harddrive. You have to start the PC from usb-stick or cd-rom then. Just do what Jari wrote, use the offsets to losetup. And calculate properly! > I was thinking in the lines of creating one big loopback device that > could then be "partitioned" using the offset and size parameters. With regard to this, consider what your PC looks like when you installed a Linux distro like SuSE or else. You have partitions. You must have them because all distros will force you to set up some. So my proposal is you get loop-aes and do what´s in the Readme. Example 7.7 is for you! When you succeeded to boot your pc from USB-Stick then you can go on and remove the mbr. Big fat Warning: Before erasing mbr like this: dd if=/dev/zero of=/dev/hda bs=512 count=1 You have to *back up* the mbr to the usb-stick!!!!!!! dd if=/dev/hda bs=512 count=1 >/media/usb/mbr.img Removing mbr with partition table is extremely dangerous for all your data! That´s why it is not mentioned in the loop-aes readme! Dont´ complain if you loose the entire data in case you make a little mistake. The usb-stick is all you have, there will be your partition table and your keys. Just in case you want to upgrade to a new version of your distro (let´s say SuSE 9.3) you will want your partition table back. dd if=/mnt/mbr.img of=/dev/hda will do that. I have tested it for weeks. It works fine with AES256 as well. It´s only a matter of PC perfomance. You might also think about several layers of encryption. Two layers of 128 bit encryption should be safer than one layer with 256 bit as you can combine twofish, blowfish and aes on one partition. For the time now, I would suggest you get loop-aes and try to bring your PC in the state of example 7.7. When you successfully started from usb-stick then you backup and remove the mbr. Jari told you how to do so. If you want I can answer some questions, too. Regards, Peter -- Sparen beginnt mit GMX DSL: http://www.gmx.net/de/go/dsl - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
