blob: 8afbc54bb2d85681b7363f600d0bd5c0cca01f18 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
[[!meta title="Bootless: anti-tampering bootloader"]]
**WARNING** - this pre-alpha software with [portuguese-only docs](index.pt)!
* Bootless is a scheme allowing a computer with encrypted disk to stay without attached bootloader in order to make more difficult to tamper the initialization process.
* Bootless is a bootloader installed in a removable media and used to initialize computers.
* It is based on [git-annex](http://git-annex.branchable.com/) and [GNU Grub](https://www.gnu.org/software/grub/).
* Initial support is targeted to Debian like operating systems.
* Bootless currently used in the [Hydra Suite](https://git.sarava.org/?p=hydra.git;a=summary).
Index
-----
[[!toc levels=4]]
TODO
----
- Cleanup and translate docs.
- Document `cryptopts` ([1](http://www.c3l.de/linux/howto-completly-encrypted-harddisk-including-suspend-to-encrypted-disk-with-ubuntu-6.10-edgy-eft.html), [2](http://manpages.ubuntu.com/manpages/lucid/man8/initramfs-tools.8.html), [3](http://solvedlinuxissues.blogspot.com.br/2011/11/encrypted-ubuntu-filesystem-on-logical.html), [4](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348147), [5](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358452)).
- Setup issue tracker.
- Add contact information.
- Split bootless script from hydra suite but preserve integration.
- Add pre-built and signed images.
References
----------
Git:
* http://kerneltrap.org/mailarchive/git/2007/10/7/331471
* http://stackoverflow.com/questions/37219/how-do-you-remove-a-specific-revision-in-the-git-history
* http://www.alexrothenberg.com/2009/06/changing-history-with-git-rebase-how-to.html
* http://stackoverflow.com/questions/250238/collapsing-a-git-repositorys-history
Grub:
* [Grub2](https://help.ubuntu.com/community/Grub2) (Ubuntu Help).
* [GRUB2 Manual](http://grub.enbug.org/Manual) (Wiki).
* [Using GRUB to Set Up the Boot Process](http://www.linuxfromscratch.org/lfs/view/development/chapter08/grub.html).
* [GNU Grub Manual](http://www.gnu.org/software/grub/manual/grub.html).
Boot:
* [Auto-booting and Securing a Linux Server with an Encrypted Filesystem](http://serverfault.com/questions/34794/auto-booting-and-securing-a-linux-server-with-an-encrypted-filesystem).
* [Smartmonster](https://github.com/ioerror/smartmonster) / [chkboot](https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#chkboot).
* [#348147 - Allow subscripts to alter ROOT (was: Add support for cryptoroot) - Debian Bug report logs](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348147) ([crypt_root and real_root on gentoo](http://wiki.gentoo.org/wiki/Genkernel)).
Images:
* [How can I mount a disk image?](http://superuser.com/questions/344899/how-can-i-mount-a-disk-image).
* [GRUB 2 - OSDev](http://wiki.osdev.org/GRUB_2): instalando o grub em várias mídias distintas.
* [Disk mounting](http://www.noah.org/wiki/Disk_mounting).
* [Loop-mounting partitions from a disk image](http://madduck.net/blog/2006.10.20:loop-mounting-partitions-from-a-disk-image/).
UEFI:
* [gummiboot](http://freedesktop.org/wiki/Software/gummiboot/).
* [booting a self-signed Linux kernel | The Linux Foundation](http://www.linuxfoundation.org/news-media/blogs/browse/2013/09/booting-self-signed-linux-kernel).
Security:
* [implementing the evil maid attack on linux with Luks - Pollux's blog](https://www.wzdftpd.net/blog/index.php?post/2009/10/28/44-implementing-the-evil-maid-attack-on-linux-with-luks).
|
