[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: To make unreadable a functional system.

Sthu Deus wrote:
> Is it possible to save the encryption pass in a loader - like grub2
> or some other program standing somewhere in the boot process?

Not in the way I'm imagining it.  You want each *whole partition* on
the disk to be encrypted as stored on the disk, which means that you
need to decrypt it on-the-fly, which means that the decryption is done
in a Linux driver, not in the boot program.  Are you thinking of
decrypting the whole disk (into...RAM?!) and passing that to Linux?
You'd still need to enter a password, else store it in cleartext where
the boot program can get it.

> I just saw that (years ago, on a linux) in one commercial product -
> they had an image of a functioning system that they passed to an
> unprivileged person - the person could use it, but files were encrypted
> - so usage was possible, while as to read the files of the OS -
> impossible.

Let us know what the product was, and maybe we can work from there.
Reply to: