Re: Loop-AES & Full-disk encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

No.
You can use loop-aes as a module, and load it during initrd/initramfs procedure.

However, If you have linked the default loop module into the kernel,
then you first need to modify your kernel configuration so it will be
disabled or be a module, so you can load the loop-aes module in place
the kernel one.

Alon Bar-Lev.

On 8/29/06, Michael Zhu <mylinuxk@xxxxxxxx> wrote:
Hi, Jari, thanks for the reply. I did some tests with
Loop-AES. From the README it seems that I have to
recompile/reconfig the kernel if I want to encrypt the
root partition. Am I right?

Thanks.

Michael


--- Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
wrote:

> Michael Zhu wrote:
> > Is Loop-AES a kind of full-disk encryption?
>
> Loop-AES encrypts devices. You can encrypt full
> device /dev/hda using
> loop-AES, but usually it is used to encrypt
> partitions like /dev/hda4
>
> > I mean Loop-AES is a sector by sector partition
> based encryption or not?
>
> It is sector by sector encryption.
>
> > I read the README about the Loop-AES. It says that
> Loop-AES will create a
> > boot partition and this boot partition is
> unencrypted. What kind of
> > information contained in this small boot
> partition? The Linux kernel image
> > or just some kind of boot records? Loop-AES will
> encrypt the entire
> > operation system including all the system files?
>
> Kernel needs to be loaded from some unencrypted
> device. Usually bootloader
> and kernel are in /boot but sometimes they are
> loaded from CD-ROM or
> USB-stick.
>
> --
> Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9
> DB 1D EB E3 24 0E A9 DD
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux