Results 1 to 4 of 4
I'm trying to test the feasibility of an idea:
I want to encrypt a laptop's hard drive in its entirety. I was planning on doing this by having /boot on ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-17-2009 #1Just Joined!
- Join Date
- Oct 2006
- Location
- United Kingdom
- Posts
- 82
Entire disk encryption
I'm trying to test the feasibility of an idea:
I want to encrypt a laptop's hard drive in its entirety. I was planning on doing this by having /boot on a partition on a removable usb stick. As long as the host laptop supports booting of USB I see no reason why this wouldn't work. It is not the most elegant of solutions though. Are there any other suggestions on how I might achieve this? The only condition I have is that everything stored on the laptop hard drive must be encrypted.
Many thanks.
Monday.
- 06-17-2009 #2forum.guy
- Join Date
- May 2004
- Location
- arch linux
- Posts
- 18,733
I've never tried it myself but it appears that TrueCrypt will encrypt an entire hard drive:
TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP, Mac OS X and Linux
Encrypts an entire partition or storage device such as USB flash drive or hard drive.
Edit: Oops... looking at this a bit further it appears that it might not do what you want.Last edited by oz; 06-17-2009 at 08:46 PM.
oz
- 06-19-2009 #3Linux Guru
- Join Date
- Apr 2009
- Location
- I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
- Posts
- 10,141
For full disk encryption from boot-loader to OS, it only supports Windows at this time. You can create a TrueCrypt volume which is mounted in the file system. I don't know what else the Linux version is capable of, such as encrypting a hard drive partition.
Originally Posted by ozar 
Sometimes, real fast is almost as good as real time.
Just remember, Semper Gumbi - always be flexible!
- 06-21-2009 #4Just Joined!
- Join Date
- May 2008
- Posts
- 12
Forget about Truecrypt. Its major focus is on Windows and always has been.
Look into dm-crypt/LUKS, which is the standard for Linux WDE. I am not sure what distro you are using, but if its one of the buntu's you can download the "alternate install cd" and follow the directions here: hxxp://oei.yungchin.nl/2008/04/23/installing-ubuntu-804-with-full-disk-encryption/ (substitue http for hxxp). I used this method for my Kubuntu box and all of my partitions are encrypted (except for /boot which is not a concern anyway).
If you're using Fedora, you can use dm-crypt/LUKS during install with a few simple clicks of the mouse.
No matter what distro, just be sure to put your /boot partition on a USB stick and not on the drive itself (considering this is what you said you wanted). So, just make a provision for that.
P.S. Putting /boot on a USB really is only more secure if you're concerned about someone physically compromising your /boot partition and putting a keylogger on it or something. Unless your computer will be used in a hostile environment, I don't see much benefit of a separate USB /boot partition. The encryption keys are not stored on the /boot partition anyway.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
