Hi !
First of all, I apologize for my bad English level !
I'm trying to build a hardened live system. I want to encrypt the / partition. In my kickstart file I use : part / --size 1024 --encrypted --passphrase=pass1
It doesn't work ... I want to enter the passphrase before the system run ! Logically the system don't be able to boot without passphrase. But actually the system boot without it.
Are there anybody who have ever try to use encrypted partition in a live system ?
I'm new in fedora, if you have suggestion about hardening or if you have ever build a hardened live system, I will be happy to get some information ! :)
Thank you for your reply
Gregory
On Tue, Oct 25, 2011 at 09:21:55 +0200, Ruch Grégory gregory.ruch@elca.ch wrote:
I'm trying to build a hardened live system. I want to encrypt the / partition. In my kickstart file I use : part / --size 1024 --encrypted --passphrase=pass1
It doesn't work ... I want to enter the passphrase before the system run ! Logically the system don't be able to boot without passphrase. But actually the system boot without it.
Are there anybody who have ever try to use encrypted partition in a live system ?
Normally you encrypt /home for live images. I am not sure if live images will support encrypted / currently. If you are really worried about secret information ending up on /, one approach is not to supply an overlay area for updates. That has its own disadvantages, but in practice you'll end up needing to replace / eventually if you are trying to keep packages up to date.
livecd@lists.fedoraproject.org