>>
>> On Tue, 10 Nov 1998 [EMAIL PROTECTED] wrote:
>>
>> > How does one encrypt the root filesystem?
>>
>> I don't know whether of not it's possible right now. I thought I heard of
>> someone having written an extension to ext2 to be extended, but I think I
>> may be imagining this rather foggy memory.
>>
>> Todd Greer <[EMAIL PROTECTED]>
>>
>> ---------------------------------------------------------------------------
>> Send administrative requests to [EMAIL PROTECTED]
>
>There is something called TCFS, Transparent Cryptographic File System which runs
>under NFS to provide encrypted filesystems... I don't know if that is what you
>are talking about.
>
>There is some info on it here: http://mikonos.dia.unisa.it/tcfs
you'd need to do a LOT of magic to encrypt your root filesystem with this--
i've used it on normal filesystems and it requires that your kernel be
booted and several network services running, before you can enter your
password and have it attach the encrypted device.
using an encrypted loopback mount would likely be easier (there is kernel
support for it, and you could probably fit losetup and mount (the only two
binaries needed to mount a loopback filesystem) onto an initrd. i've never
tried that, but i do use loopback + DES at times, and 1) it is easier to
set up and 2) requires less in the way of a running system to be functional.
if anyone is interested, i'll dig up and post a pointer to my "howto use
encrypted loopback filesystems" doc. tcfs comes with sufficient documentation
for just about anyone to figure it out.
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
