Re: Encrypting root filesystem without initrd support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

no! If you are on ARM you can use ARMORED from http://www1.informatik.uni-erlangen.de/tresor.
Originally it was developed in order to withstand cold boot attacks on ARM platforms (smartphones).

If you change some code to support a boot promt (see tresor patches), it should be possible to login with a keyboard (touch screen -> good luck ;)).
Normally cryptsetup is used to setup the key derivation of a passphrase in order to set the dm-crypt cipher key. That's  why it is needed.

Regards
zaolin

Hi,

I am trying to make imx28 freescale board to boot from encrypted root filesystem, i am using plain dm-crypt with aes-cbc-essiv:sha256.
Problem is that it doesn't use initrd during boot and i don't know where to put cryptsetup so that it can decrypt the partition.

Is there any other way to use cryptsetup during boot without initrd or initramfs support.

Thanks
Rahul


_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux