On Mon, Apr 14, 2008 at 06:07:12PM +0000, T. Nan wrote: > If this isn't the appropriate place to ask this question, could > somebody please point to the right direction? That was the right place. > I'd like to use full disk encryption using d-i partman-auto/method > string crypto. However, as part of this process, the entire disk is > wiped before the drive is crypted and formatted. > > I'm fully aware of the fact that this is best-practice security-wise > and that not wiping the entire drive pose some degree of a > security-threat, which is acceptable for my needs. However, based on > my needs, it would be nice if the entire installation-process, > including crypting the drive, would not take that long. Just wiping an > entire drive cost more than one hour. I have open a wishlist bug report [1] describing your issue. Work still needs to be done, though. If you feel like giving it a shot, you can probably start by hacking autopartition-crypto and adding: echo > $id/skip_erase near: echo dm-crypt > $id/crypto_type As a side note, I don't see this option be added soon if you don't provide us with some patches. So don't hesitate to give it a try [2]. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476388 [2] Frans' paper can be helpful: http://d-i.alioth.debian.org/doc/talks/debconf6/paper/ Cheers, -- Jérémy Bobbio .''`. lunar@debian.org : :Ⓐ : # apt-get install anarchism `. `'` `-
Attachment:
signature.asc
Description: Digital signature