On Sun, Nov 28, 2010 at 11:34:16PM +0700, Sthu Deus wrote: > Good day. > > Can You please help me to direct to some documentation or project in > Debian or explain how to make the following: > > after a system has been installed and configured - to make it encrypted > so that it will make impossible (or almost so) to read its files, > configuration, etc (even though the HDD be removed from the host and > connected to another running OS) - yet that it will run from turning on power > on the host itself (boot). > > - In short - possible to use, impossible to read w/o a password. > > Thank You for Your time.
You need to look for a type of product called "Whole Disk Encryption". PGPDisk is one such product. Generally speaking, they encrypt your entire harddisk and install their own, unencrypted, boot loader. You enter a password at the boot loader, and that decrypts your hard disk on the fly. The OS - in theory - doesn't see a difference, because all accesses to the disk are filtered through the encryption/decryption. The problem with most of these WDE programs is that they rely on a Windows program to do the initial encryption. You might try something like TrueCrypt, though; I believe that it works with linux. > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/4cf28493.ce7c0e0a.68c2.ffffd...@mx.google.com >
signature.asc
Description: Digital signature
