I have been pondering the thought of a LUKS encrypted USB install of Porteus. However I can't find any information on how possible it is or how to do it or of any viable alternatives. I created a forum account specifically for this.
My idea is to have everything except a boot partition on the USB stick encrypted and requiring a password to decrypt before it even boots. I would accept an alternative of "encrypted save file" but would much prefer the whole thing encrypted except for the boot partition of course.
Has this been done? Has this been discussed? Is it even possible? Anyone interested in such?
Thank you.
LUKS Encrypted Porteus?
- fanthom
- Moderator Team
- Posts: 5667
- Joined: 28 Dec 2010, 02:42
- Distribution: Porteus Kiosk
- Location: Poland
- Contact:
Re: LUKS Encrypted Porteus?
hi Mario,
there is no point for full encryption - encrypt save.dat instead and keep all your personal stuff there. if you want to hide some programs then also use save.dat for them. in case of slackware packages you will have to use 'installpkg *.txz' instead of modules and job done.
this approach is better as:
a) core is not encrypted -> system works faster
b) you can decide which programs should be encrypted (everything what goes to save.dat) and which dont have to (everything what goes as a module to /porteus/modules).
there is no point for full encryption - encrypt save.dat instead and keep all your personal stuff there. if you want to hide some programs then also use save.dat for them. in case of slackware packages you will have to use 'installpkg *.txz' instead of modules and job done.
this approach is better as:
a) core is not encrypted -> system works faster
b) you can decide which programs should be encrypted (everything what goes to save.dat) and which dont have to (everything what goes as a module to /porteus/modules).
Please add [Solved] to your thread title if the solution was found.
Re: LUKS Encrypted Porteus?
Seems a little noobish but: Is there a way to create this save.dat and have it encrypted automatically? What algorithm is used? I haven't used Porteus in "awhile" but last time I used it it seemed to save all changes to a folder by default.fanthom wrote:hi Mario,
there is no point for full encryption - encrypt save.dat instead and keep all your personal stuff there. if you want to hide some programs then also use save.dat for them. in case of slackware packages you will have to use 'installpkg *.txz' instead of modules and job done.
this approach is better as:
a) core is not encrypted -> system works faster
b) you can decide which programs should be encrypted (everything what goes to save.dat) and which dont have to (everything what goes as a module to /porteus/modules).
- francois
- Contributor
- Posts: 6443
- Joined: 28 Dec 2010, 14:25
- Distribution: xfce plank porteus nemesis
- Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.
Re: LUKS Encrypted Porteus?
See panel menu > system > porteus setting center > disquette icon > porteus save changes > create container and-or encryption.
Prendre son temps, profiter de celui qui passe.
- fanthom
- Moderator Team
- Posts: 5667
- Joined: 28 Dec 2010, 02:42
- Distribution: Porteus Kiosk
- Location: Poland
- Contact:
Re: LUKS Encrypted Porteus?
What algorithm is used?
everything is set to defaults
Code: Select all
cryptsetup -y -s 256 luksFormat $loop <<< $PPHRASE
Please add [Solved] to your thread title if the solution was found.