LUKS Encrypted Porteus?

Post here if you are a new Porteus member and you're looking for some help.
Post Reply
Mario
White ninja
White ninja
Posts: 5
Joined: 23 Dec 2014, 08:10
Distribution: Ubuntu
Location: USA

LUKS Encrypted Porteus?

Post#1 by Mario » 23 Dec 2014, 08:17

I have been pondering the thought of a LUKS encrypted USB install of Porteus. However I can't find any information on how possible it is or how to do it or of any viable alternatives. I created a forum account specifically for this.

My idea is to have everything except a boot partition on the USB stick encrypted and requiring a password to decrypt before it even boots. I would accept an alternative of "encrypted save file" but would much prefer the whole thing encrypted except for the boot partition of course.

Has this been done? Has this been discussed? Is it even possible? Anyone interested in such?

Thank you.

User avatar
fanthom
Site Admin
Site Admin
Posts: 4618
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland, currently - Cork, IE
Contact:

Re: LUKS Encrypted Porteus?

Post#2 by fanthom » 23 Dec 2014, 09:37

hi Mario,

there is no point for full encryption - encrypt save.dat instead and keep all your personal stuff there. if you want to hide some programs then also use save.dat for them. in case of slackware packages you will have to use 'installpkg *.txz' instead of modules and job done.

this approach is better as:
a) core is not encrypted -> system works faster
b) you can decide which programs should be encrypted (everything what goes to save.dat) and which dont have to (everything what goes as a module to /porteus/modules).
Please add [Solved] to your thread title if the solution was found.

Mario
White ninja
White ninja
Posts: 5
Joined: 23 Dec 2014, 08:10
Distribution: Ubuntu
Location: USA

Re: LUKS Encrypted Porteus?

Post#3 by Mario » 23 Dec 2014, 17:28

fanthom wrote:hi Mario,

there is no point for full encryption - encrypt save.dat instead and keep all your personal stuff there. if you want to hide some programs then also use save.dat for them. in case of slackware packages you will have to use 'installpkg *.txz' instead of modules and job done.

this approach is better as:
a) core is not encrypted -> system works faster
b) you can decide which programs should be encrypted (everything what goes to save.dat) and which dont have to (everything what goes as a module to /porteus/modules).
Seems a little noobish but: Is there a way to create this save.dat and have it encrypted automatically? What algorithm is used? I haven't used Porteus in "awhile" but last time I used it it seemed to save all changes to a folder by default.

User avatar
francois
Contributor
Contributor
Posts: 5081
Joined: 28 Dec 2010, 14:25
Distribution: kde xfce porteus manjaro kubun
Location: Enfin l'été, le changement climatique attendu: le soleil.

Re: LUKS Encrypted Porteus?

Post#4 by francois » 23 Dec 2014, 22:07

See panel menu > system > porteus setting center > disquette icon > porteus save changes > create container and-or encryption. :twisted:
Voltaire: Le mieux est l'ennemi du bien.

User avatar
fanthom
Site Admin
Site Admin
Posts: 4618
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland, currently - Cork, IE
Contact:

Re: LUKS Encrypted Porteus?

Post#5 by fanthom » 24 Dec 2014, 07:57

What algorithm is used?

Code: Select all

cryptsetup -y -s 256 luksFormat $loop <<< $PPHRASE
everything is set to defaults
Please add [Solved] to your thread title if the solution was found.

Post Reply