Security Basics mailing list archives
Re: whole disk encryption on multi boot laptop
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 24 Nov 2009 11:25:15 +0200 (IST)
On Thu, 15 Oct 2009, paul haigh wrote:
I have a Lenovo T61 laptop which has the folllowing Os's: XP Ubuntu Backtrack3 Due to my work environment I need to implement a whole disk encryption solution. I would like to do this without having to rebuild the box, however I can if necessary. Does anyone have any suggestions on the best way to pursue this?
The XP part is easy: TrueCrypt can encrypt in-place. The modern way of Linux FDE is thru cryptsetup and LVM (you need an unencrypted /boot partition). In theory, as far as there is enough buffering, you can also encrypt in-place by dd: read from original partition device and write to encrypted device mapped on the same place, but in practice it is much safe and faster to get an external HDD, copy Linux data to it, setup FDE for Linux, and copy data back. In any case you will need to restore your boot-loader (remember to read docs on TC boot-loader), but there is no need for "rebuild". -- Regards, ASK ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: whole disk encryption on multi boot laptop Alexander Klimov (Nov 24)
- Message not available
- Re: whole disk encryption on multi boot laptop Alexander Klimov (Nov 26)
- Message not available