On 07/03/14 18:33, Boryeu Mao wrote:
> In building a bootable DVD image (in the manner of
> SL-65-x86_64-2014-02-06-LiveDVD.iso), is it possible to encrypt the
> system?  If so, should the file LiveOS/squashfs.img be encrypted, or
> the file ext3fs.img contained therein? and what other changes (for
> example in the boot configuration) would be needed?   Hopefully this
> is a question not outside of the design goals.  Thanks in advance for
> any help/pointers.

I've never thought of this need.  I don't know if it's possible.  The
only thing which cannot be encrypted normally, is /boot.  Grub does not
support encryption, but as long as grub can load a kernel and initrd,
the root fs can pretty much be encrypted.  You just need to be sure the
initrd contains the needed tools to decrypt the file system (such as
cryptsetup and so on).  Dracut has fairly good encryption support these
days.  So it should be possible.

I'm sorry I don't have any wise pointers right now.


--
kind regards,

David Sommerseth