Saturday, July 29, 2006

Howto install a Debian GNU/Linux system onto a USB flash thumbdrive with the root partition encrypted

How to Run Linux on a USB Drive

Simple instructions for anyone looking for a portable installation that they can easily carry with them for use as rescue media, for system administration or as a private workstation. This site offers a great guide to booting a distribution of Damn Small Linux on a Lexar 512MB Jump Drive. It includes complete instructions with screenshots. Definitely worth a look!

For more information on LUKS (Linux Unified Key Setup) see: http://luks.endorphin.org/

I'm glad it's getting out to people. It's using device mapping encryption that will work with (just about) any Linux box. If you have a 500MHz CPU there's no huge reason to not use encryption. And unlike Windows' crappy encryption, you can encrypt the entire root filesystem, not just non-system files/folders.

http://gentoo-wiki.com/SECURITY_Encrypting_Root_Filesystem_with_DM-Crypt_with_LUK



"Does bartpe support ext2 filesystems?"

It does, but read-only: http://www.bootcd.us/BartPE_Plugin_Details/58/Explore2fs.html

irc.chatjunkies.org #linuxhelp if you need help setting it up; lowkey hangs out in there.

FTA: "NOTE: This howto will only work if your device has been detected as /dev/sda because of how mkinitrd.yaird works." ... "mkinitrd.yaird"? Never heard of that.

I'm familiar with the original Debian how-to; what I have yet to find is a concise how-to for installing an OS on a *hard drive* encrypted at time of install. Not just the root, but the whole thing.

Yaird - Yet Another Mkinitrd
For more info: http://yaird.alioth.debian.org/

I have found it useful to just install Knoppix onto a 1GB thumbdrive.

The 700MB CD-ROM image fits rather nicely, giving just under 300MB of free space remaining on the thumbdrive.

Knoppix doesn't use encrypted partitions; instead, it uses a large file that contains an encrypted filesystem. This actually works out better for installations designed to be portable, like USB keys. The reason is that device letters can often change on various computers, depending on what other drives are installed: for example, sda, sdb, sdc....

By using a file instead of a partition, Knoppix can just search for this file, on all devices it can see. It saves having to directly mount a device, and then having that mount fail because the location changed. Also, the size of this file can be changed without having to repartition/reformat!

Also, the main Knoppix CD-ROM data doesn't need to be encrypted, as there are no secrets there, and it remains read-only. So, you get a little better speed, as the entire USB key doesn't need to be encrypted.

Here's my writeup of how to get Knoppix nicely installed to a USB key:

http://www.knoppix.net/forum/viewtopic.php?t=23558

This is slightly different from the method described on the FAQ, for various reasons I mention in the forum.
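
An added example, not from any commenter or from the linked howto: the /dev/sda limitation quoted above and the Knoppix search-by-file approach both come down to locating a volume by something more stable than its device letter. For the LUKS volumes discussed in this thread, that can be the UUID stored in the LUKS1 header, which this Python code parses and matches against a list of candidates. The function names, the `make_sample` helper and the UUIDs it is given are illustrative and constructed.

```python
import os
import struct

# LUKS1 on-disk header, big-endian: magic, version, cipher name, cipher mode,
# hash spec, payload offset, key bytes, MK digest, MK salt, MK iterations, UUID.
LUKS1_HEADER = struct.Struct(">6sH32s32s32sII20s32sI40s")
LUKS_MAGIC = b"LUKS\xba\xbe"


def _text(field):  # decode a NUL-padded ASCII header field
    return field.split(b"\0", 1)[0].decode("ascii", "replace")


def read_luks1_header(path):
    """Return the header fields as a dict, or None if path is not LUKS1."""
    try:
        with open(path, "rb") as f:
            raw = f.read(LUKS1_HEADER.size)
    except OSError:
        return None  # missing or unreadable device: skip it, keep scanning
    if len(raw) < LUKS1_HEADER.size or not raw.startswith(LUKS_MAGIC):
        return None
    _, version, cipher, mode, hash_spec, _, key_bytes, _, _, _, uuid = \
        LUKS1_HEADER.unpack(raw)
    if version != 1:
        return None
    return {"cipher": _text(cipher), "mode": _text(mode), "hash": _text(hash_spec),
            "key_bits": key_bytes * 8, "uuid": _text(uuid)}


def find_volume(candidates, wanted_uuid):
    """Return (path, header) for the first candidate with a matching UUID."""
    for path in candidates:
        header = read_luks1_header(path)
        if header and header["uuid"].lower() == wanted_uuid.lower():
            return path, header
    return None, None


def make_sample(directory, name, uuid):
    """Write a constructed header-only image (sample data, no key material)."""
    path = os.path.join(directory, name)
    with open(path, "wb") as f:
        f.write(LUKS1_HEADER.pack(LUKS_MAGIC, 1, b"aes", b"cbc-essiv:sha256",
                                  b"sha1", 2056, 32, b"", b"", 10, uuid.encode()))
    return path
```

On a running system the same UUID is what `cryptsetup luksUUID <device>` prints, so a boot script can look the volume up by UUID instead of assuming /dev/sda.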

If you want to support the development of Damn Small Linux you can purchase it on a bootable USB drive from here: http://damnsmalllinux.org/usb.html


http://www.ubuntulite.org/drupal/?q=node/1
UbuntuLite might be a good way to get Ubuntu on a smaller size USB drive.
Not too sure how far they've got with it yet though, but it might be worth a try.


I prefer www.puppylinux.org

There are USB "sticks" available which run Linux. I have the BlackDog (see http://www.projectblackdog.com). Another would be Gumstix (http://www.gumstix.com).


Feather Linux, it's about 128MB but has way more functionality than DSL.
http://www.chipnick.com/thumbdrive-linux