Musings about on-disk encryption in Fedora Core
Nils Philippsen
nphilipp at redhat.com
Mon Jul 5 17:55:11 UTC 2004
On Mon, 2004-07-05 at 16:32, Florian La Roche wrote:
> On Mon, Jul 05, 2004 at 04:20:09PM +0200, Nils Philippsen wrote:
> > Hi,
> >
> > I realize that it's a tad too late in the FC3 cycle, but I couldn't help
> > thinking about on-disk encryption and how to integrate it into Fedora
> > Core over the last week or so.
>
>
> Can you look at "cryptsetup" if that meets some of the functionality?
cryptsetup is a nice wrapper around dmsetup for all things dm-crypt
related. When I was writing about "attaching to en/decrypting device
mapper device" I was referring to either use of "cryptsetup create ..."
or the corresponding dmsetup calls. What's missing is in the swap+fs
cases changes to boot scripts and the installer so that the admin can
just specify some swap or fs device to be encrypted and the rest kind of
just works. With user owned encrypted storage the mentioned user
friendly tools aren't there yet ;-).
Nils
--
Nils Philippsen / Red Hat / nphilipp at redhat.com
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040705/1a80008b/attachment.sig>
More information about the fedora-devel-list
mailing list