Encrypted home directory
Richard W.M. Jones
rjones at redhat.com
Sun Dec 21 20:15:23 UTC 2008
On Sun, Dec 21, 2008 at 07:47:15PM +0100, David Nielsen wrote:
> I've been running using dm-crypt for a while now but it seems to me that
> when all I have is some photos and documents I don't want to fall into the
> wrong hands in case my machine is stolen, it's seems like overkill to
> encrypt everything. Additionally it's some what cumbersome to have to unlock
> the drive during boot. Another problem might be the performance hit of full
> disk encryption on these low powered netbooks being unacceptable making
> those a good target for a more lightweight solution?
Won't solve your unlocking problem, but why not have a separate
encrypted /home partition? I've had separate /home partitions for
years, not for encryption, just because that's the directory I really
care about, so I want to be able to handle it specially anyway.
The other reason to _not_ encrypt the system directories is so that
system files can be easily mmapped into memory. And after all, there
is no secret in the system files.
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
More information about the fedora-devel-list
mailing list