FC3 - soft raid and encryption for my entire system
molle.bestefich at gmail.com
Mon Feb 14 17:17:42 UTC 2005
Gabriel Labelle wrote:
> I am looking for a procedure explaining how to implement encryption on a
> PC running Fedora Core 3.
I've had my hands on a lot of different encryption setups on Linux,
and by far the best software I've encountered for the job is loop-aes.
It's feature rich, it's secure and it's very well documented.
It's been around for a long time now, and it seems to me that it's one
of the only (the only?) Linux encryption packages that enjoys
continuous support from the author. That means a lot to me. Thanks
to that, I can switch to kernel 2.6 from a 2.4 system, without having
to find temporary storage for and re-encrypting terabytes of data.
It can also do backward compatibility with a lot of crappy old implementations.
And it's well-tested.
All in all, it's just an amazing piece of well-behaving no-hassles software :-).
You'll probably want to have a look at the following section of the manual:
7.5. Example 5 - Encrypting root partition
This is just my recommendations. I haven't even tried dm-crypt. But
I assume that since it's a very new piece of software that it'll be
full of bugs. And frankly I don't quite trust (yet, anyway) that it
will continue to be supported in newer kernel versions, and that it
will be able in the future to read data encrypted with obsolete
versions of dm-crypt.
Of course, if you're not keen on the longevity of your data but want
to experiment with device-mapper based software, dm-crypt is the way
Best of luck!
More information about the Ataraid-list