Secondary Partition Encryption
Teddy Hogeborn
teddy at recompile.se
Tue Jul 12 16:32:56 CEST 2016
Clayton Daley <clayton at ambsw.com> writes:
> Would the stock version of Mandos work for just a secondary partition?
> For example if we only encrypted a "data" partition?
Yes, you could run mandos-client as a "keyscript" directly configured in
the /etc/crypttab file. (See crypttab(5).) But you would have to
configure this manually in /etc/crypttab after installation, and you may
have to write a wrapper script to supply the needed arguments to
mandos-client (--pubkey, --seckey, etc.) and use the wrapper script as
the actual keyscript in crypttab.
However, I think that systemd does not support the keyscript setting in
crypttab, so you would have to write a systemd "password agent" to run
mandos-client - this would be more complex, I think.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20160712/97d63786/attachment.sig>
More information about the Mandos-Dev
mailing list