Bind ubuntu to hard drive.
Harijs Buss
harijs at info-shelter.net
Sun Mar 25 13:10:06 UTC 2007
On Sunday 25 March 2007 14:02, TwinZ Ubuntu Mailing List rakstija:
> Step one: by using a completely encrypted file system (root as well).
Look at this from the right point: what do you need to protect? Is it Open
Source Linux you want to hide? :) Nope, probably not. It's rather only some
information (not belonging to system) that you want to keep secret. So it is
not at all worthwile to keep system itself encrypted. Set the partition
encrypted where your data will reside. During boot process, when mounting
this partition, system will ask you for passphrase. This passphrase is not
kept anywhere on the disk, it is used only to decrypt/encrypt files from this
partition. If passphrase is right, you will get files. If not, you will get
garbage. That's so simple :)
> Surely, dd would be able to do a bit-by-bit copy, but they'd end up with a
> hard drive with encrypted files in it and could not just read them by
> mounting the drive to another system. Right?
Yes. Without passphrase nobody will be able to use the disk even on the same
machine.
> Step two: binding the installation to the hard drive serial.
Why? Without the right passphrase "bad guy" will not get the contents, be it
on original machine or on another.
> Even if one made a bit-by-bit copy the new drive would have
> a different serial and -in theory- would not boot. Right?
I see no sense in that... Besides, Linux is not able to boot from
software-encrypted file systems, you would need hardware encrypting
controller for that. But why? To keep Linux secret? :))
Harijs
More information about the ubuntu-users
mailing list