Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature: encrypt/decrypt disk #32

Open
bwalex opened this issue May 25, 2013 · 3 comments
Open

Feature: encrypt/decrypt disk #32

bwalex opened this issue May 25, 2013 · 3 comments
Assignees
Labels
Milestone

Comments

@bwalex
Copy link
Owner

bwalex commented May 25, 2013

Add an option to encrypt an unencrypted partition (and decrypt an encrypted partition) in place.

Most of the stuff to do this should already be present, short of the iv generation (which is trivial anyway).

Brownie points for adding an optional AES backend using the AESNI instructions.

@ghost ghost assigned bwalex May 25, 2013
@bwalex
Copy link
Owner Author

bwalex commented Jul 30, 2013

It's worth noting that this will only work for system encryption and, I think, FDE. It won't work for regular volumes, as the size of the volume is affected.

@mhogomchungu
Copy link

It should be possible for regular volumes too if you first require a file system on the volume to be shrinked for the amount of space necessary to put the header.

@colombonion
Copy link

Talking about Full Disk Encryption it would be nice and easy to provide a hook for the initramfs to decrypt the root partition. I wrote this hook for mkinitcpio (archlinux's initramfs generator) basing my work on the encrypt hook provided by cryptsetup. It does not support keyfiles, but it works. I think you should provide this hook in the tcplay packages because having a hidden operative system is an important feature which linux is missing and tcplay support it. I'm not an expert developer, I didn't find any way to email bwalex and this seemed to me the most proper place to share my little work.
this is my custom runtime hook:
http://pastebin.com/bUuZTumh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants