[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Encrypted home directory

2008/12/21 Richard W.M. Jones <rjones redhat com>
On Sun, Dec 21, 2008 at 07:47:15PM +0100, David Nielsen wrote:
> I've been running using dm-crypt for a while now but it seems to me that
> when all I have is some photos and documents I don't want to fall into the
> wrong hands in case my machine is stolen, it's seems like overkill to
> encrypt everything. Additionally it's some what cumbersome to have to unlock
> the drive during boot. Another problem might be the performance hit of full
> disk encryption on these low powered netbooks being unacceptable making
> those a good target for a more lightweight solution?

Won't solve your unlocking problem, but why not have a separate
encrypted /home partition?  I've had separate /home partitions for
years, not for encryption, just because that's the directory I really
care about, so I want to be able to handle it specially anyway.

/home is seperate on all my boxes, so yes that solution would work. I do believe Ubuntu' solution is a seperate partition they map to a folder called Private in your home dir which is unlocked at login. I have no idea of the security of that solution but it does seem that this way one could keep a few files secret while the machine is powered down so if it gets lost in the airport e.g. those few precious personal files don't fall into the wrong hands.

The other reason to _not_ encrypt the system directories is so that
system files can be easily mmapped into memory.  And after all, there
is no secret in the system files.

no secrets.. but how else would the penguins send me coded messages to convey the dropbox locations?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]