this post was submitted on 18 Feb 2024
130 points (89.6% liked)
Everyday Carry. What essentials do you carry on a daily basis?
3237 readers
1 users here now
What do you carry on a daily basis?
Rules
- Post a list of your items
- No Sales or marketing
- No Incivility
- No Politics
- No Inappropriate Content
- Do not ask why someone is carrying a gun or knife
- Do not give unasked for advice regarding firearms or knives, or ask why they aren't carried.
- No URL shorteners (bit.ly, tinyurl, etc)/Affiliate Links.
founded 2 years ago
MODERATORS
There is one ISO and three boot partitions.
First of all, I formatted the USB drive with one vfat partition. Then I copied the contents of the ISO over. That and some prodding in grub.conf is enough to get the ISO working, and there is a whole lot of extra space in the vfat partition.
The entire contents of all of my computers' hard drives is encrypted, but that leaves the boot partition. So I moved the boot partitions onto the vfat partition, each in a separate folder labelled by the host. Then, I added entries to grub.conf for each host. The USB drive boots and a boot menu appears with all of the ISO's entries, plus a list of hosts. I choose the right host, then boot.
(I need the USB drive mounted before I can update the kernel or the microcode.)
O wow! This is totally not what I imagined. I imagined something like Ventoy. You literally made portable your boot partitions which without, the device is unbootable. Since it's on a portable USB, you can essentially brick any device as easily as pulling the drive and cutting power. That's ingenious!
And very dangerous. If anything happens to my USB drives and all of my many (many many many) backups, they are bricked to me too. My LUKS keys are on that USB drive. And the backups.
The same can be said for any drive, though. If the drive dies or the boot partition corrupts itself, we're screwed. You seem to have backups of the boot partitions, so the likelihood of you losing all your backups is slim, but you make it easy for yourself to destroy the drive in the event of... let's call it, an immediate need. And that's what I find most ingenious.
Wait, so you need the USB in order to boot your PC? If you lose the USB, or it dies, you can no longer boot?
Essentially a yubi key for simple terms, yes?
IDK, do people use yubi keys to do LUKS?
Idk what lukz is. I'm just trying to simplify it so I understand
LUKS is full hard drive encryption. If you encrypt your entire hard drive with a yubi key, then lose the yubi key, and you have no backup, you're shit outta luck. I encrypted my hard drives with a USB drive in a similar fashion. Then made backups of the USB drive, so that the scenario I describe wouldn't happen. Hopefully. It's kind of like horcruxes. If somebody steals them all, I become mortal again. Actually, though, if somebody steals them all, I lose all of the data on the hard drive.