Re: What I want to do -doable ?

[Jari Ruusu <jari.ruusu@pp.inet.fi>]

Peter Kirk wrote:
> To make my system-data totally robbery safe:
> I'd like to put a loopback-crypto with reiserfs on all my partitions except
> /boot (so on /, /usr, /home etc.). The encryption I wish to use is the aes
> (the winner of that competition).
> 
> This is my little dream:
> After starting my computer, running lilo and selecting my kernel (lying on
> /boot the kernel can be read) a initial ramdisk is loaded...containing
> losetup, mount and a script I will write. This script will ask for the
> password to decrypt the partitions, and will then mount all my partitions
> with this passoword, meaning I enter _one_ password _once_. When the
> partitions are mounted (to /mnt and sub) I chroot into my new system and
> continue booting. Since with swap it doesnt seem to be possible to encrypt
> it, I am  planning on not using a swap partition at all.

Loop-AES does all of that, including encrypted swap (by adding
loop=/dev/loop6,encryption=AES128 options to swap entries of your /etc/fstab
file). It even includes a configurable script to create a complete
fully-working initrd for you. Just follow instructions in the README file
and you have encrypted-everything-except-/boot system.

You can find latest version here:

http://mail.nl.linux.org/linux-crypto/2002-06/msg00038.html
  or
http://marc.theaimsgroup.com/?l=linux-crypto&m=102433721500760&w=2

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/