Add module to query disk/full disk encryption status

Question

Add module to query disk/full disk encryption status

april opened this issue 8 years ago · comments

It would be great to be able to query whether a given file, directory or disk is encrypted by full disk encryption systems such as FileVault, Bitlocker, and LUKS. It's not as important for servers, but if mig ends up on a bunch of clients, it will be great to see if these systems (particularly ones that may have been rebuilt from scratch) are using FDE.

Malhar Vora commented 7 years ago

Ok Cool.

Malhar Vora · Answer 1 · Wed Mar 29 2017 14:09:16 GMT+0800 (China Standard Time)

@marumari I believe it would be a standard module and not persistent one. Am I correct ?

Julien Vehent · Answer 2 · Wed Mar 29 2017 20:13:15 GMT+0800 (China Standard Time)

Correct, this would be a regular module.

April King · Answer 3 · Thu Mar 30 2017 02:07:50 GMT+0800 (China Standard Time)

Indeed, that's what I was aiming for.

Malhar Vora · Answer 4 · Thu Mar 30 2017 23:29:20 GMT+0800 (China Standard Time)

@april Can I hack on this ?

Malhar Vora · Answer 5 · Sat Apr 01 2017 00:11:42 GMT+0800 (China Standard Time)

I am trying to find that how can we check for FDE status pragmatically.

April King · Answer 6 · Sat Apr 01 2017 00:36:39 GMT+0800 (China Standard Time)

Please, go right ahead. I assume most OSes come with some kind of command line tool that you can use to query it.

Malhar Vora · Answer 7 · Wed Apr 05 2017 00:48:53 GMT+0800 (China Standard Time)

@april @jvehent We don't need to check for single file/dir as entire disk is encrypted using FDE. Am I correct ?

April King · Answer 8 · Wed Apr 19 2017 23:20:32 GMT+0800 (China Standard Time)

I think at this point let's just worry about entire disk encryption, and not single directory. We can always add onto it later. :)