Objectives:
- A bootable Linux system so I can work on a foreign computer using my own trusted environment. This assumes the BIOS of the foreign computer can/is allowed to boot from a USB drive.
- A FAT32 partition for storing portable applications, in case the foreign computer cannot/is not allowed to boot into the Linux system and I’m stuck with a pre-installed Windows without any privileges to install anything.
- Everything on the USB drive should be encrypted in case I lose the drive or it gets stolen.
Hardware:
- 8GB Transcend JF V85 USB-drive
Tools:
- Xubuntu 9.10 Karmic Koala alternate install CD i386. i386 can be run on x64 also, but not vise-versa. The alternate install version allows you to create encrypted volumes at install time, so no need for Truecrypt here.
- Rohos Mini Drive, free version is fine for my use but unfortunately is not accessable from Linux. I also considered Truecrypt in traveller mode, but it must be run in administrator mode in Windows, something that prevents me from using this method.
- Pendrive Linux is a handy tool, but as I want to make use of the encryption option on the alternate install CD I will NOT use this.
Partitioning scheme:
- 512MB swap
- 1GB /, ext4, read-only
- 3,5GB /home, ext4, rw
- 2GB encrypted FAT32 (the maximum allowed by the free version of Rohos)
- 1GB unencrypted FAT32 for temporary storage
Partitioning must be done in Linux using fdisk as Windows does not allow partitioning of removable media.
Installation procedure
- Partition the USB memory stick using fdisk.
- Boot from the alternate install CD and proceed with installation as usual.
Tags: encryption, linux, usb, windows