On Thu, Nov 04, 2010 at 06:31:53AM +0100, Jean-Michel Pour? - GOOZE wrote: > Le mercredi 03 novembre 2010 ?? 23:34 +0100, Arno Wagner a ??crit : > > The main dm-crypt/LUKS focus is encrypted partitions in > > an otherwise not encrypted system. > > Thank you for answers. Reading them, I understand I did not explain > correctly. > > I would like to encrypt a whole system using dm-crypt. The problem is > that I have to run pcsc prior to mounting partitions. But then pcsc will > need access to libraries, which need to be on a mounted partition. > > Is there a way around? No. You have to read something from disk in order to boot and that something needs to be unencrypted. You can do an initrd that is unencrypted or a boot-sector like TrueCrypt (and grub 2?), but neither quelifies as full system encryption. For dm-crypt, the initrd is the means of coice. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
