Need to encrypt entire hard drive
Work as decided that all laptops must be encrypted. Most laptop have Windows installed and I would venture to say that I'm the only linux user in the company. Work has a solution for Windows but if I want to continue to run Slackware I need to find an encryption solution.
So, I looking to find out what my options are for encryption and I want to make sure that I know all the options. I have read the encryption information in README_CRYPT.TXT, but I already have Slackware installed. Is there any easy way to encrypt the entire drive with Slackware already installed? Can I backup or create an image my entire hard drive and then encrypt and reload the backup image after encryption? |
If you've got some unallocated space on your disk that you can create an encrypted partition on alongside your existing one you could potentially copy things over, but it's going to be a lot of messing. IMO, you're better off just backing up your user data (/home etc.) and then doing a fresh install following the advice in the README_CRYPT.TXT file.
I don't believe there are any easy options. |
I think this would work with a little creativity (did not actually try this):
Attach a second disk to your laptop, boot the Slackware DVD or CD, Copy the complete content of the original disk to the external disk (use "cp -a"... or "tar" if you know how... just make sure the same filesystem is used for the external disk), Repartition the internal disk, creating a small partition to be used for an unencrypted /boot Create a filesystem (ext2 is best) on the small partition you'll be using for /boot Encrypt your new root partition using cryptsetup (read the README_CRYPT.TXT), Unlock the encrypted volume, and mount it under /mnt Create directory /mnt/boot Mount the small boot partition under /mnt/boot Copy your data back to the intermal disk Update /mnt/etc/fstab so that the device used for '/' is the actual mapped device name for the encrypted partition (usually /dev/mapper/something) Create an initrd: first chroot into your Slackware installation Code:
mount --bind /proc /mnt/proc Code:
/usr/share/mkinitrd/mkinitrd_command_generator.sh After you have created the initrd and modified /etc/lilo.conf you will have to run "lilo" while still inside the chroot Lilo will show some warnings, ignore them. Errors would be bad. Exit the chroot (type "exit") and then reboot (Ctrl-Alt-Delete) Your encrypted Slackware should boot now. Eric |
Thanks for the feedback. I think I will backup my data and do a fresh install, but before I do I may try your suggestion, Alien Bob.
|
All times are GMT -5. The time now is 06:37 PM. |