Hi Joe, I'm interested! Maybe you could publish them on a public git repository (e.g. github).
Kind regards, Andrew On 8 June 2017 at 15:24, Joe <j...@celo.io> wrote: > On 03/29/2017 02:04 AM, Ángel wrote: > >> On 2017-03-28 at 08:33 -0400, 'Blacklight447' via qubes-devel wrote: >> >>> The basic idea was that you have to provide a password to decrypt the >>> vms data, so you can boot and use it, allowing you to be sure only you >>> can access its data. This could even be potentially combined with an >>> option to export the encrypted vm, to later boot it in a clean version >>> of qubes os. >>> >>> Im not looking for just a password prompt, since those do not provide >>> any real security, unless your threat model is preventing someone to >>> access your vm"s when you forgot to shutdown or lock your machine. >>> >>> You can use a HVM with LUKS disk. The password will be asked on boot, >> just as when booting a physical OS with an encrypted disk. >> >> However, being a HVM there will be less integration with other qubes >> (maybe the support tools can be installed -and work- on HVM, too?). >> >> > I posted some scripts to this list on 15th of December 2015 with the > subject "Individually encrypting domains" that implements groups of > encrypted VMs (you can have groups of one if you so wish, of course). > > I still maintain these scripts privately, and have been using them for > ~two years now without problems. > > I also have a Python ctypes oneline to call posix_fallocate() on root.img > to get rid of the thin provisioning stuff using sparse files that upstream > Qubes applies to make sure your data gets fucked up when you run out of > disk space in dom0. > > (Works for the other .img, too, where a similar problem presents itself, > of course, but I have disabled volatile.img in my setup because I consider > the feature insane.) > > If someone wants a copy I'd be happy to share. > > -- > You received this message because you are subscribed to the Google Groups > "qubes-devel" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-devel+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-devel@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ms > gid/qubes-devel/9060248f-c11d-22ad-8074-4cf8097d18f6%40celo.io. > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CAAXZBWKHVCtQdtOTWYMa5W1QnJGjfN_TAsgjRaxrb10H-UGruw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
