Re: [Whonix-devel] Whonix 64 bit custom builds; #FreeBSD Kernel based builds

[Vladimir A. <vla...@ap...>]

On 03/29/2013 01:34 PM, adrelanos wrote:
> Vladimir Arseniev:
>> On 03/28/2013 03:24 PM, adrelanos wrote:
>>
>>> Vladimir Arseniev:
>>>> On 03/28/2013 12:15 AM, adr...@ri... wrote:

<snip>

>>> Whonix-Workstation on hardware with physical isolation without VMs:
>>> - Installing Debain is as easy/hard as without Whonix.
>>> - Installing Whonix isn't that hard:
>>>
> https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend
>>
>> OK, I'll look at this.
>
> This might also solve your other question "How hard would it be to "add"
> (in some way) all Whonix workstation "stuff" to an existing Debian VM?".

Yes, indeed :)

<snip>

>> Another question occurs to me. How hard would it be to "add" (in some way)
>> all Whonix workstation "stuff" to an existing Debian VM?
>
> Not very hard.
> Same instructions as:
> https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend

I can be dense at times :(

>>>> I write that as someone who uses the Debian alternate installer for LUKS
>>>> setup.
>>>
>>> Yes, it's not as easy as using TrueCrypt FDE on Windows.
>>
>> Actually, RAID/LUKS/LVM with the Debian alternate installer is far, far
>> easier than TrueCrypt FDE on Windows ;)
>
> Well, that's open for debate. Does the Debian alternate installer
> encrypt swap by default? I find the Windows user interface of TrueCrypt
> much easier to grasp.

I should have said "far, far easier for me" :)

Well, "default" isn't relevant if you're doing RAID, because you configure the
partitions manually. But the "wizards", albeit rudimentary, are very flexible.

Anyway, in my typical setup, swap, root and home are all volumes in LVM, and
the LVM group lives on a LUKS encrypted partition on a ~2TB RAID10 array. So
boot (on its own ~300MB RAID10 array) is the only thing that's not encrypted.