Hidden OS encryption for Linux ?

Discussion in 'all things UNIX' started by Paranoid Eye, Aug 3, 2014.

Thread Status:
Not open for further replies.
  1. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    Hi before I start trying out linux just wanted to find out if Linux encryption has support for hidden os to give plausible deniability ?
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,021
    I haven't heard of that. Buy it's been maybe a year since I looked.

    The closest that I know is this dance:
    • install with /boot on flash card and dm-crypt/LUKS FDE
    • back up LUKS header to /boot card
    • delete LUKS header
    • after shutdown, keep /boot card safe; make a backup copy
    • bootup into initramfs busybox
    • restore LUKS header
    • reboot normally
    While the LUKS header is gone, the disk is totally random. And without the /boot card, there's no information about a dm-crypt/LUKS volume existing.

    Maybe there's a way to integrate that into a Windows/Linux dual boot. The dm-crypt/LUKS volume could be on an apparently empty disk. But if Windows started messing with it, you might be hosed. You could probably put it on a SSD in a toaster-style SATA drive holder. The machine would boot into Windows unless the /boot card and SSD were present.
     
  3. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    thanks great idea, yeah I googled it but not much information was showing up it did not look like it was possible but the post were 2-3 years ago.
     
Loading...
Thread Status:
Not open for further replies.