While I think this feature has been available for a while, it might be worth mentioning with the encrypted install feature. I tried it out as follows (as root): Plug in the usb drive and not the device name (/dev/sdc1 in my case) Erase it with random data (which can take a while and isn't really needed if no senstive data was previously on the device and you don't care about leaking which blocks on the drive have been written) dd if=/dev/urandom of=/dev/sdc1 Create the encrypted area cryptsetup luksFormat /dev/sdc1 Enter the passphrase twice Make the encrypted area a usable device The name at the end is arbitrary, but don't use one already in use cryptsetup luksOpen /dev/sdc1 luks-usb Create the file system using the name from above as the device mkfs -t ext3 /dev/mapper/luks-usb Close the encrypted device cryptsetup luksClose /dev/mapper/luks-usb Unplug the device Now when you plug in the device (while logged in at the console using a GUI) you will get asked for the passphrase and after prodiving the correct one the device will work like a normal removable device. Note that doing this limits you to using it with systems that support luks and ext3, which isn't going to work for everyone. -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
