Ask Your Question
1

Is it possible to do a secure boot to an encrypted volume without a password prompt?

asked 2015-06-22 09:41:45 -0500

donpellegrino gravatar image

With Fedora 22 Workstation, it is convenient to install to an encrypted volume. However, the default process as setup by the Fedora installation is to prompt for a password to decrypt on each boot. It is possible to use a Trusted Platform Module (TPM) or other mechanism such that an encrypted volume could be used but the password prompt was not necessary on every boot?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
2

answered 2015-06-22 15:14:20 -0500

You can use something like this: http://www.gaztronics.net/howtos/luks... where you keep a key on a USB that has to be inserted for the system to boot/unencrypt. You can take this to different levels, with multiple keys working and use different type of locations, like networking too.

edit flag offensive delete link more

Comments

1

I recommend entering the password each boot; it's the safest. If you're going to use a USB keyfile, at least put it on your keychain. It would kind of defeat the purpose if you kept your USB with your laptop (which many people do) and your laptop gets stolen.

bthomas gravatar imagebthomas ( 2015-06-22 18:36:21 -0500 )edit

Question Tools

1 follower

Stats

Asked: 2015-06-22 09:41:45 -0500

Seen: 255 times

Last updated: Jun 22 '15