It might be possible to encrypt the partition that holds the squashfs and use grub as the bootloader. You'd have to edit the grub.cfg to add the same stuff that gets added when you do full-disk encryption. Set the usb up like a multi-boot live usb, except make the first partition a luks-encrypted volume with ext4 filesystem.
]]>Tools like dd can already "flash" a live image to a drive, like sda. This allows one to use a nonpersistent environment, which has its own cases and uses.
My thought was, if the squashfs could be encrypted, and isolinux could decrypt it at boot, then one could have a secure nonpersistent environment. There's a rather old ubuntu article about this, but the script is pretty convoluted, and it uses grub as opposed to isolinux. (https://askubuntu.com/questions/1041916 … om-live-cd)
So, I wanted to know if anyone has accomplished this kind of thing, and if so, how?
]]>