encryption of partitions/lvm without speakup
Joseph C. Lininger
jbahm at pcdesk.net
Sun Feb 27 22:35:04 EST 2011
The way I see it, you have basically three options.
1. Store an encryption key on something like a USB device. You could
even put your entire boot partition there if you wanted. Then have the
encrypted root fs on your hard drive. No password needed, but someone
could steal your flash drive.
2. Just know that you're going to be prompted and type in the password
when it's time. Could have the system generate tones or something to let
you know if you need that. Have it generate another after you've
successfully entered it so you know you don't have to try again in case
of an error. USB method with encrypted keys is a variation on this,
password required, and booting from USB drive.
3. Modify your initrd to have all components for speach. Probably you'd
have a rather large initrd if you did that.
I use TrueCrypt to encrypt my windows partitions and no prompt is
available. I just have to enter the passphrase and watch for the boot
logo. Probably will do my Linux at some point, when I have time to rip
it all apart and put it back together with that.
More information about the Speakup