Producing encrypted isos
I thought it would have been cool if mkarchiso
had support to make ISOs that
are able to boot LUKS-encrypted airootfs
images.
So I'm proposing (!217) to add support for airootfs_image_type
s:
-
ext4+squashfs+luks
; -
squashfs+luks
; erofs+luks
and for a new optional encryption_key
switch in profiledef.sh.
This MR depends on adding support for opening LUKS-encrypted airootfs
images
MR
to be merged in mkinitcpio-archiso
and already includes !216 and !253.
Testing
A PKGBUILD
that builds this branch has been published as
archiso-encryption (AUR)
with an already configured releng
profile replica (named encrypted
) in
archiso-profiles (AUR)
Use cases
- For users:
- Producing private install mediums.
- For developers:
- selling private install mediums.