Hard drive encryption question for dual-boot XP and Fedora
Mail List
lists at sapience.com
Tue Dec 25 17:27:18 UTC 2007
On Monday 24 December 2007 02:45:54 pm Kerry Miller wrote:
> My company is requiring us to encrypt the hard drive on all laptops.
> We've already got some encryption software but it only works with Windows,
> not anything set up to dual boot or anything running VMware. Do any of
> you guys know of some kind of encryption software (open source or not)
> that can handle a dual boot laptop with Windows XP on one partition and
> Fedora on the other? He's already told me I need to get rid of my Linux
> partition but I need it for network diagnostics, I'm hoping if I can find
> an alternative he'll let me and the other network guy use a different
> encryption package.
>
Be careful some of those windows encryptions will make it difficult if not
impossible to have a linux partition that will boot.
That said - if you can boot linux then this may be helpful. I actually went
the other way, i deleted windows when I encrypted my laptop disk!!
I have encrypted /home and swap. To deal with /tmp and /var/tmp leakage of
information I remount (mount --bind) these from the encrypted /home
partitition. Knowing all I do today, I would avoid ancrypting root
partition - it adds little additional security (some yes) but can be
problematic if you run into problems (ie cant boot).
Basically i use /etc/crypttab to encrypt swap but this did not work
correctly for me for /home so I hand scripted it (its trivial to do).
For some info see :
http://marc.info/?l=fedora-list&m=118391945718659&w=2
http://marc.info/?l=fedora-list&m=118384694918234&w=2
Cant speak for F8 but encrypted root on F7 will not work until mkinitd is
updated (see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124789 for
some discussion). I believe (k)ubuntu does this out of the box - however as I
said above I'd avoid encrypted root.
good luck.
gene
More information about the fedora-list
mailing list