Hi Mark,
actually, our goal is to provide hardware to be delivered on costumer
premises but for this we need an extra layer of security. This is the
reason we are considering the encryption solution.
If it is possible our first and preferred solution is to encrypt as much
as possible starting from rootfs.
I guess I should port the cryptsetup package and dependencies to snap,
but since I saw in your mailing list some references I wanted to be sure
this is not already done or being in process.
As a second step, AFAIK, I should modify the boot process to include
support for partition decryption which again I am not sure this is
already supported on snappy (crossing fingers xD ).
Regards
On 23/08/16 13:21, Mark Shuttleworth wrote:
Hi Xavier
With snaps on classic (deb-based) Linux there have been some bugs
related to encrypted home directories, not sure if those are fixed yet
but they are definitely in progress.
On Ubuntu Core (where the whole system is a collection of snaps, there
are no debs by default) it should be possible to have an encrypted disk.
The main question would be what your expectations of the boot process
would be. Most people who want Ubuntu Core are doing so for distributed
devices where there isn't going to be a human around if the machine reboots.
Mark
On 23/08/16 06:26, Xavier Pegenaute M2M wrote:
Hi all,
I am interested on building a snappy system with encryption to rootfs,
I've been looking around but I didn't find any document or guide about
it. Does snappy support it? If this is the case some one could point
me to some info about it?
Regards
--
Snapcraft mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/snapcraft
