I'd like to make a USB drive on which I can store a number of liveCDs (ubuntu installer for example).
So far, I'm able to select an ISO in Grub, and boot from it.
What I'd like to do is either:
A) encrypt the iso directly, and then have Grub mount / boot it
(or if that's not possible)
B) Create a LUKS partition as an image (let's say "partition.img"), on which there's an exfat partition containing my ubuntu.iso image
C) (least favorite option) Create a USB partition (/dev/sda1) which is encrypted, and decrypt it in Grub / mount the iso.
What I've tried:
I make a new image:
sudo dd if=/dev/zero of=/path/to/ubuntu_encrypted.img bs=1M count=5000
sudo cryptsetup luksFormat --pbkdf pbkdf2 /path/to/ubuntu_encrypted.img
sudo cryptsetup luksOpen /path/to/ubuntu_encrypted.img encryptediso
sudo mkfs.ext4 /dev/mapper/encryptediso
I then copy the ubuntu.iso image to that volume, figure out the UUID with:
sudo cryptsetup luksUUID /path/to/ubuntu_encrypted.img
This is the basis of what I've been trying to get grub to accept:
menuentry 'Ubuntu from encrypted ISO' {
insmod part_gpt
insmod ext2
insmod cryptodisk
insmod luks
search --no-floppy --fs-uuid --set=root UUID_OF_ROOT_PARTITION
cryptomount -u UUID_OF_ENCRYPTED_IMAGE
set root='cryptouuid/UUID_OF_ENCRYPTED_IMAGE'
loopback loop (cryptouuid/UUID_OF_ENCRYPTED_IMAGE)
linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/path/to/ubuntu_encrypted.img quiet splash ---
initrd (loop)/casper/initrd
}
But, so far, no dice. Is what I'm attempting to do impossible?
