Announcement

Collapse
No announcement yet.

Fedora Stakeholders Discuss Possibility Of Using Pre-Built Initramfs Images

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
    starshipeleven
    Premium Supporter

  • starshipeleven
    replied
    Originally posted by lowlands View Post
    What is the use case for such a setup? Probably stating the obvious but wouldn't "auto-decrypt" defeat the purpose of an encrypted hard drive? I use dracut-sshd to remotely ssh into a booting server to enter the key.
    I've heard the same but with TPM, which at least makes it half-way useful (as anyone stealing the drive won't have the device with the key in the TPM to decrypt it).

    Congrats on dracut-sshd, btw.

    Leave a comment:

  • lowlands
    Senior Member

  • lowlands
    replied
    Originally posted by oleid View Post
    Pre-built is fine, as long as you can add additional files, like a local key to decrypt a hard drive (without typing a password).
    What is the use case for such a setup? Probably stating the obvious but wouldn't "auto-decrypt" defeat the purpose of an encrypted hard drive? I use dracut-sshd to remotely ssh into a booting server to enter the key.

    Leave a comment:

  • oleid
    Senior Member

  • oleid
    replied
    Pre-built is fine, as long as you can add additional files, like a local key to decrypt a hard drive (without typing a password).

    Leave a comment:

  • rene
    Senior Member

  • rene
    replied
    Pre-built, yet minimal initrd like major distributions such as #t2sde are using? ;-) https://t2sde.org

    Leave a comment:

  • Britoid
    Senior Member

  • Britoid
    replied
    Silverblue has been using prebuilt initramfs images for a while, I guess it makes a lot of sense.

    Leave a comment:

  • phoronix
    Administrator

  • Fedora Stakeholders Discuss Possibility Of Using Pre-Built Initramfs Images

    Phoronix: Fedora Stakeholders Discuss Possibility Of Using Pre-Built Initramfs Images

    Another alternative to slow initramfs generation could be distributing pre-built initramfs images to users. An additional benefit of that is possibly better security with measured boot capabilities, a matter currently being discussed by Fedora stakeholders...

    http://www.phoronix.com/scan.php?pag...Initramfs-2020
Working...
X