[ltp] Hard disk password & linux

James Knott linux-thinkpad@linux-thinkpad.org
Sat, 14 May 2005 13:20:58 -0400


David A. Desrosiers wrote:
>>>I thought I'd pose the question, although it has already been 
>>>noted in some thinkpad linux faqs, but here goes: is it possible 
>>>to use the hard-disk password with linux?  I've heard the answer 
>>>is no, but was wondering if there has been any progress on this 
>>>front.
> 
> 
>>What would be the point?  You can configure Linux to run without a 
>>password.
> 
> 
> 	I think the point is to run Linux _with_ a password, and 
> specifically to ensure that if someone takes his machine, they can't 
> boot it up with KNOPPIX or similar forensics tools and get to the data 
> on the disk. 
> 
> 	Of course this means he'll have to be using filesystem-level 
> encryption on the disk and swap, but that's not hard to set up, and 
> there is no way anyone can get to the data on the disk (in any 
> readable way) without the key. A nice 8192 byte key should do nicely 
> to thwart brute force for at least the next 50 years, after which 
> you'll be dead anyway, and your secrets probably won't matter.

Perhaps I read the question wrong, but I got the impression he was 
wanting to use the same password for both hard disk and Linux, but not 
have to enter it for Linux.

However, I have my hard disk password enabled.  On many computers, you 
can have the hard disk and boot up passwords the same.  With the hard 
disk password, your disk is unusable without the password, though I 
don't know how well it would stand up to someone dismantling the drive 
and placing the platters in another drive.

Incidentally, there was an article in the Linux Journal, a few months 
back, about encrypting the entire file system and booting from a pen 
drive.  Without the pen drive, the hard disk is unreadable.