Sounds like you're asking for the impossible. Once the disk is encrypted, you'll at least need to enter a password as a key to decrypt it when it powers on. Would it solve your problem to make the machine diskless, boot it over the network? Sthu Deus wrote: > to make it encrypted > yet that it will run from turning on power on the host itself (boot). > > - In short - possible to use, impossible to read w/o a password.