I'd use the systemreacuecd (gentoo based) instead of the minimal CD. The only change you'll need to do is use the following for untaring the stage3:
tar --numeric-owner xvjpf stage3* Here are a bunch of useful links for installing Gentoo and Encryption: http://www.sysresccd.org/Download https://wiki.gentoo.org/wiki/Installation_alternatives#Installation_from_non-Gentoo_LiveCDs https://wiki.gentoo.org/wiki/Handbook:Main_Page https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Using_Your_New_Gentoo_System (systemd) https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Using_Your_New_Gentoo_System_under_OpenRC https://wiki.gentoo.org/wiki/DM-Crypt_LUKS https://wiki.gentoo.org/wiki/Dm-crypt/en https://wiki.gentoo.org/wiki/Full_Encrypted_Btrfs/Native_System_Root_Guide https://wiki.gentoo.org/wiki/SSD https://wiki.gentoo.org/wiki/ZFS https://wiki.gentoo.org/wiki/ZFS/Features https://wiki.gentoo.org/wiki/ZFSOnLinux_Development_Guide https://wiki.gentoo.org/wiki/Partition Funtoo's site also had some decent instructions: On Tue, Nov 3, 2015 at 1:30 AM, Dan Egli <[email protected]> wrote: > On October 31, 2015, Brandon Gillespie wrote: > > > If you install linux and encrypt the hard drive, it uses luks. > > > > That's interesting. Of course, that's usually done via the installer engine > I'm sure. How would that work with Gentoo where YOU are the install engine? > I don't recall seeing any kind of encryption or dm-setup or anything on the > Gentoo minimal CD (which is used for installs frequently). Of course that > was nearly ten years ago that I took a good look so things may have changed > since then. > > > > > luks is specific to Linux, where trucrypt is not. > > > > True, trucrypt is meant to be run on a variety of operating systems. Still, > I know the code for Trucrypt has been vetted by professional cryptographers > and found to be free of any security holes that would allow anyone > unauthorized access to your files. I imagine luks is the same, and I'm not > trying to demean it. Merely stating that just because trucrypt isn't > designed specifically for linux, doesn't make it bad. I'll just have to > take a closer at luks and dm-setup. Thanks for the tips there. > > > --- Dan > > On Sat, Oct 31, 2015 at 1:51 AM, Brandon Gillespie < > [email protected]> wrote: > > > crypttab appears to use dm-setup and the various luks internals. Google > > luks for more info. Personally I'd expect it to equal or be better than > > trucrypt; it uses conventional code and is built-into the kernel (and has > > been for some time). I use luks to store all my sensitive files, using a > > loopback device and a local file (rather than a block device). I haven't > > tested the performance of it, however, for a DBMS or other system. > > > > If you install linux and encrypt the hard drive, it uses luks. > > > > luks is specific to Linux, where truecrypt is not. > > > > *Brandon Gillespie* > > SaaS Operations Director, Kuali > > [email protected] > > 801.682.3444 > > > > > > On 10/30/15 3:59 AM, Dan Egli wrote: > > > >> While reading about systemd, I saw notice that it has an option to read > >> information about encrypted devices from /etc/crypttab. That's a new one > >> on > >> me. I've not heard of that file before. What programs/services use > >> crypttab, and where could I find more information about them? How do > they > >> compare in security strength to something like trucrypt? Is there a way > to > >> auto-mount a partition that way, since I don't see any way to > auto-mount a > >> partition encrypted via trucrypt (yes, I know of keyfiles vs. passwords, > >> but from what I can tell you still need to manually run trucrypt to > mount > >> the encrypted container/device. You just don't need to specify a > password > >> to do so)? > >> > >> > >> > >> Any information is appreciated! > >> --- Dan > >> > >> /* > >> PLUG: http://plug.org, #utah on irc.freenode.net > >> Unsubscribe: http://plug.org/mailman/options/plug > >> Don't fear the penguin. > >> */ > >> > > > > > > /* > > PLUG: http://plug.org, #utah on irc.freenode.net > > Unsubscribe: http://plug.org/mailman/options/plug > > Don't fear the penguin. > > */ > > > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
