Product SiteDocumentation Site

A startup key to protect my data 1.0

How to have a fully secure laptop

Step by step installation guide

Edition 1.0

Legal Notice

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. You may alter, remix, and distribute its contents as long as you give attribution to the author and share the derivative work under the same CC license.
The information provided on this document comes without warranty of any kind, without even the implied warranty of merchantability or fitness for a particular purpose and is distributed AS IS.
Every effort has been made to provide the information as accurate as possible. The information may be incomplete, may contain errors or may have become out of date. The use of this information described herein is your responsibility, and to use it in your own environments do so at your own risk.
This document is a set of article explaining how to install, configure and use a fully secure Linux environment. This doc are applicable for laptop, desktop as well as for servers.
About the author
Xavier Berger is working as Solution Architect in a telecom company. He is a specialist in Linux and network deployment. Xavier enjoys hiking, geocaching, skiing and spending time with his family. His web site is:

1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. Feedback
1. Introduction
2. Audience
3. Installation
3.1. Prerequisite
3.2. Preparation installation media
3.2.1. Install from CD-Rom
3.2.2. Install from USB Keys - part 1
3.2.3. Preparation of the startup key
3.2.4. Installation from USB Keys - part 2
3.3. Installation
4. Configuration
4.1. Use label for boot partition to simplify the startup key generation
4.2. Add a 'keyfile' on USB key to activate the automatic decryption
4.3. Booting from the main disk instead of startup key
4.4. Create a startup key from a working system
4.5. Backup of the startup key and store it is a safe location
4.6. Restore the startup key into another key
4.7. Store data in a remote location to secure their availability
4.8. Ensure the confidentiality of data stored into the cloud
4.9. Passphrase management
4.10. Add live OS into the usb key
4.11. Online security
4.12. Remove the key after startup
4.13. Two factor authentication
5. Troubleshooting
5.1. Boot in recovery mode
5.2. Manually access to the partition
5.3. Reinstall the secure system and keep data in home directory
6. To go further and improve the security and data integrity
7. References
A. Revision History