Producing encrypted isos
I thought it would have been cool if mkarchiso had support to make ISOs that
are able to boot LUKS-encrypted airootfs images.
So I'm proposing (!217) to add support for airootfs_image_types:
-
ext4+squashfs+luks; -
squashfs+luks; erofs+luks
and for a new optional encryption_key switch in profiledef.sh.
This MR depends on adding support for opening LUKS-encrypted airootfs images
MR
to be merged in mkinitcpio-archiso and already includes !216 and !253.
Testing
A PKGBUILD that builds this branch has been published as
archiso-encryption (AUR)
with an already configured releng profile replica (named encrypted) in
archiso-profiles (AUR)
Use cases
- For users:
- Producing private install mediums.
- For developers:
- selling private install mediums.