From: dian_cecht@zoho.com
Subject: Input needed regarding disk encryption/decryption
Date: Wed, 5 Oct 2016 19:56:23 -0700
Message-ID: <20161006025623.GA28797@khaalida>
To: guix-devel@gnu.org

Hello,

So apparently I've accidentally volunteered to try and implement whole disk encryption for GuixSD, and for the last few days I've been pondering what all I'd need to handle for this. While the obvious low-hanging fruit is to simply support mounting LUKS devices (or anything under /dev/mapper), if I'm going to do this I'd rather try to handle as many cases as I could, or at least avoid doing something that would make future additions to the distro painful to implement. So I've been trying to come up with a list of the possible configurations and how they can be implemented, so at least I have a rough idea on what is actually needed.
So far, this is what I'm thinking needs to be supported (or some combination of each of these):

  a) Encrypting /home(/$USER)
  b) Encrypting /
  c) Encrypting /boot
  d) Encrypting swap with a fixed passphrase
  e) Encrypting swap with a random passphrase
  f) Encrypting /$RANDOM_DIRECTORY

I think A is usually handled with eCryptFS and PAM so that the user's home directory isn't mounted until the user logs in, and is thus outside of the scope of what I'm trying to do.

B is the big issue for me (along with RAID support and LVM, but I'm reasonably sure I can replace LVM with quotas without any loss of functionality and probably an increase in flexibility) and can usually be handled fairly easily with an initramfs. However, the inability of the install image to mount (or configure these devices for mounting) seems to be a fairly serious stumbling block.

C is supported by GRUB2 according to https://wiki.archlinux.org/index.php/Grub#Boot_partition so as long as our version of GRUB has built-in support for this, I think that shouldn't be too hard to handle.

D should be reasonably easy to handle as soon as we can decide whether it would be better to decrypt everything in the initramfs or leave some of it to the system proper to handle.

E is likely best handled by the system proper and should be reasonably easy to handle once a framework for handling decrypting and encrypting filesystems is implemented. The same applies to F, for that matter.

I am also pondering how to handle RAID and LVM at this time since all of this is fairly closely related, though I'm not going to make any claims of responsibility for implementing anything other than disk encryption, and even that isn't promised. However, I'm wanting feedback from others on this list (and if someone wants to crosspost this to the help-guix list for a little more visibility, feel free) on any possible scenarios that need to be handled that I haven't mentioned here.
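As an added illustration that is not part of the message above, here is how cases (b) and (d), a LUKS-encrypted root and a LUKS-encrypted swap partition with a fixed passphrase, are expressed in a Guix operating-system declaration. It assumes the mapped-device / luks-device-mapping forms and the swap-space record of the current Guix system API (not something the 2016 message describes); the UUIDs, host name and disk path are placeholders.

```scheme
;; Added example: Guix operating-system declaration with an encrypted
;; root (case b) and an encrypted swap partition (case d). Assumes the
;; current Guix API (mapped-device, luks-device-mapping, swap-space).
(use-modules (gnu))

;; The LUKS container holding "/". Because the root file system depends
;; on it, Guix places it in the initrd and the passphrase is asked for
;; before the root is mounted.
(define cryptroot
  (mapped-device
   (source (uuid "00000000-0000-0000-0000-000000000001")) ; placeholder
   (target "cryptroot")            ; appears as /dev/mapper/cryptroot
   (type luks-device-mapping)))

;; The LUKS container used for swap. Nothing in the initrd depends on
;; it, so it is unlocked by the system proper (a Shepherd service) after
;; the root is up: this is the initramfs-vs-system split the message
;; raises for case (d).
(define cryptswap
  (mapped-device
   (source (uuid "00000000-0000-0000-0000-000000000002")) ; placeholder
   (target "cryptswap")
   (type luks-device-mapping)))

(operating-system
  (host-name "khaalida")                       ; placeholder
  (timezone "UTC")
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets '("/dev/sda"))))       ; placeholder disk
  (mapped-devices (list cryptroot cryptswap))
  (file-systems (cons (file-system
                        (device "/dev/mapper/cryptroot")
                        (mount-point "/")
                        (type "ext4")
                        ;; ensures cryptroot is opened before mounting
                        (dependencies mapped-devices))
                      %base-file-systems))
  (swap-devices (list (swap-space
                       (target "/dev/mapper/cryptswap")
                       ;; ensures cryptswap is opened before swapon
                       (dependencies mapped-devices)))))
```

The declaration does not cover case (e): a randomly keyed swap would need the key to be generated on every boot rather than a passphrase, which this form of mapping does not provide.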