This project has moved and is read-only. For the latest updates, please go here.

Will it ever be possible to encrypt Linux system?

Topics: Feature Requests
Oct 18, 2016 at 12:32 AM
Hello,
I would like to know if someday it will be possible to encrypt a linux system drive.
I remember a post of idrassi here on the forum where he said that he don't know how to encrypt linux . Is it still the case? I switched on Ubuntu on one of my computer and i'd love to see it fully encrypted like every devices I have.
Thank you.
Oct 20, 2016 at 5:04 AM
Okay, well, you can encrypt a Linux system; this has been possible for years.

Essentially, this is what I do:
  • partition disks, create a separate /boot partition
  • if you have multiple disks and want mirroring, then you mirror each partition
  • leave boot accessible outside of lvm
  • use lvm for the other file systems, including / (root) and also use an lv for swap
Install Linux with full disk encryption -- it will use cryptsetup with LUKS.

Once done, if you need to remotely unlock the system, then setup dropbear.

There are lots of references on the Internet, you shouldn't have any trouble finding them.
Oct 20, 2016 at 11:43 AM
Hi,
Thank you for your answer, however I was talking about Veracrypt, not other encryption methods.
My last sentence wasn't clear at all sorry.
Oct 20, 2016 at 1:16 PM
Well, unless I understand it incorrectly, the VC encryption format is compatible with dm-crypt and that's what Linux uses with LUKS.

I see VC as the best alternative when clients still need to use Winblows, otherwise FDE on Linux is the way to go.
Oct 22, 2016 at 10:06 PM
That's true and I'll use dm-crypt. However it doesn't have VC options like hidden system or so and I was used to VC in Windows.
Thanks