On 20-11-2015 16:13, Damjan Georgievski wrote:
On 20 November 2015 at 17:04, Mauro Santos <registo.mailling@gmail.com> wrote:
On 20-11-2015 17:19, Joan AymĂ wrote:
Why should not be easier to boot following Disk_Encryption on the wiki[1]?
Regards.
Because I'm talking about this [1] and not software based encryption.
[1] https://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption
I'd sincerely advice against using these 'hardware' disk encryptions. what happens when your motherboard is at fault, and you need the data on the disk *now* and it wont work in a USB enclosure?
I am well aware of that problem, that's a risk I'm willing to take. Meanwhile I'm enjoying how quiet and snappy it is now vs SW encryption on my old laptop that doesn't support AES-NI ;)
anyway, maybe you could use kexec in your PBA and run the installed linux kernel with that.
I did think about this but it would make me parse bootloader configuration files to find all the options I would need to pass on the kernel's command line. I suspect that it would also force me to use a larger PBA image that might have to be updated more often, which I'd like to avoid. -- Mauro Santos