Orginal from: http://mylinux.net.my/v1/2008/10/31/draft-linux-whole-drive-encryption-part-1/

** ** ** WARNING! ** ** **

*DRAFT*DRAFT*DRAFT*DRAFT*DRAFT*DRAFT*DRAFT*DRAFT*

This article is a draft need more exact info and material to complete it, as for now this will be our base idea of how to do a Linux Whole Drive Encryption + secure boot disk.

Title: Linux Whole Drive Encryption

Distribution: Debian-current Stable

Crypto: Loop-AES

Hardware:

• A usb flash drive (secure boot disk)
• Notebook or a Desktop computer.

Main Idea:

• Install Debian with the whole disk is encryted using Loop-AES
• USB Flash/thumb drive will act as a secure boot disk all of the system kernel will reside in here, we configure our Debian will fail to boot without this drive
• Bootloader is Lilo with password if possible adding some secure authentication method to the startup disk for added security.

Note:

Further testing and R&D need to be done, need to get a working Debian will a whole disk encryted running, then will start working on the flash drive boot disk.

Reference:

http://tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/

Contributer:

Sifuh sifuh(AT)yenjie.net

Zuan zuan(AT)mylinux.net.my

If you like to contribute to this document please do email me, and bombard me with you ideas

$revision: 1.0 (31/10/2008)

EOF-

Rgds,

Zuan