Fedora Linux Support Community & Resources Center
  #1  
Old 26th July 2012, 06:53 AM
axet Offline
Registered User
 
Join Date: Jul 2008
Posts: 378
macoschrome
feature grub + luks

currently fedora does not allow you to encrypt whole disk. it will left /boot unencrypted.

here is a patches which allows full disk encryption and allows grub to boot from this partition.

http://lists.gnu.org/archive/html/gr.../msg00148.html

i hope fedora people aslo improve this solution adding passing luks password to the kernel.

here is obivous advantages :

1) preventing compromited kernel images to store your decryption password somehere

2) only 1 partition (/) instead of 2 (/boot, /)

3) efi boot machines with signature check should only check grub! and not the kernel it self (solves fedora kernel signing issue)

Last edited by axet; 28th July 2012 at 10:00 AM.
Reply With Quote
Reply

Tags
feature, grub, luks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
LMDE and LUKS ProfessorCavan Linux Chat 1 23rd December 2010 10:08 AM
LUKS security pmreid Security and Privacy 4 22nd July 2008 11:05 AM
Lvm + Luks dsuchter Security and Privacy 1 1st April 2008 11:22 PM
USB HDD - LUKS and HAL funknor Using Fedora 0 3rd February 2007 09:31 PM


Current GMT-time: 13:01 (Thursday, 24-07-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat