Re: Feitian PKI donation to dm-crypt projetc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 04, 2010 at 06:31:53AM +0100, Jean-Michel Pour? - GOOZE wrote:
> Le mercredi 03 novembre 2010 ?? 23:34 +0100, Arno Wagner a ??crit :
> > The main dm-crypt/LUKS focus is encrypted partitions in 
> > an otherwise not encrypted system. 
> 
> Thank you for answers. Reading them, I understand I did not explain
> correctly. 
> 
> I would like to encrypt a whole system using dm-crypt. The problem is
> that I have to run pcsc prior to mounting partitions. But then pcsc will
> need access to libraries, which need to be on a mounted partition.
> 
> Is there a way around?

No. You have to read something from disk in order to boot
and that something needs to be unencrypted. You can do an
initrd that is unencrypted or a boot-sector like
TrueCrypt (and grub 2?), but neither quelifies as full
system encryption.

For dm-crypt, the initrd is the means of coice.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux