You are not logged in.

#1 2011-02-27 21:52:08

FinallyHere
Member
Registered: 2011-02-27
Posts: 8

Encrypted Dual-boot Arch/Win

Hello @all!

First of all I am new to Arch (but not to Linux). I am here because I need a system which I can tailor to my needs and also because I want to escape the proprietary sphere.
However, because I have to use certain applications (e.g. Visual Studio) which only work with Windows, I am, in a way, tied. Using a Windows-VM is also no option. Therefore, I need a Dual-boot. Privacy concerns enforce encryption.


Requirements:

- Pre-Boot Authentication both for Arch and Windows
- A way to share data between Arch and Windows which doesn't sacrifice security or integrity (e.g. I don't want something like a NTFS-volume that's accessed via ntfs-3g for data and I do not want a FAT32 partition for my data) and isn't too annoying (e.g. using unencrypted USB-devices which require to copy data to and from them) 
- no TrueCrypt (I don't trust it) (GPL-software preferred)


I prefer using a dm-crypt volume with a LVM volume on top of it for Arch.


Could somebody please provide me with some advice about which encryption-software I should use to encrypt the Windows partition and how I could get GRUB(2 or some other boot loader) to boot the Pre-Boot Authentication of this encryption-software?


Thanks in advance smile !!!


Edit: typo

Edit 2: Is there a way to use TPM-chips (in this case it's a Atmel TPM 1.2) for trusted boot? Also: Would there be a way to locate the entire "/boot"-partition on a USB-device?

Last edited by FinallyHere (2011-02-27 23:24:58)

Offline

#2 2011-03-01 15:40:29

jelly
Administrator
From: /dev/null
Registered: 2008-06-10
Posts: 714

Re: Encrypted Dual-boot Arch/Win

check the wiki for examples of encrypting your archlinux

Offline

#3 2011-03-02 12:34:15

moljac024
Member
From: Serbia
Registered: 2008-01-29
Posts: 2,676

Re: Encrypted Dual-boot Arch/Win

I have my windows partition encrypted by BitLocker. It's included in Windows (Vista, 7) and it actually requires TPM by default. You can get it to encrypt the drive without a TPM chip but you have to change some system policies.

For file sharing between the two, I unfortunately have no idea. I use an external hard drive formatted as NTFS.
I'm not sure you have many options, short of, say unecrypting and mounting the linux partitions inside windows.
You should be able to do that with an ext4 driver for windows and FreeOTFE

Last edited by moljac024 (2011-03-02 12:38:15)


The day Microsoft makes a product that doesn't suck, is the day they make a vacuum cleaner.
--------------------------------------------------------------------------------------------------------------
But if they tell you that I've lost my mind, maybe it's not gone just a little hard to find...

Offline

Board footer

Powered by FluxBB