You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's worth noting that this will only work for system encryption and, I think, FDE. It won't work for regular volumes, as the size of the volume is affected.
It should be possible for regular volumes too if you first require a file system on the volume to be shrinked for the amount of space necessary to put the header.
Talking about Full Disk Encryption it would be nice and easy to provide a hook for the initramfs to decrypt the root partition. I wrote this hook for mkinitcpio (archlinux's initramfs generator) basing my work on the encrypt hook provided by cryptsetup. It does not support keyfiles, but it works. I think you should provide this hook in the tcplay packages because having a hidden operative system is an important feature which linux is missing and tcplay support it. I'm not an expert developer, I didn't find any way to email bwalex and this seemed to me the most proper place to share my little work.
this is my custom runtime hook: http://pastebin.com/bUuZTumh
Add an option to encrypt an unencrypted partition (and decrypt an encrypted partition) in place.
Most of the stuff to do this should already be present, short of the iv generation (which is trivial anyway).
Brownie points for adding an optional AES backend using the AESNI instructions.
The text was updated successfully, but these errors were encountered: