f9 encrypted fs - how???
Wolfgang S. Rupprecht
wolfgang.rupprecht+gnus200810 at gmail.com
Fri Oct 3 17:06:03 UTC 2008
Bruno Wolff III <bruno at wolff.to> writes:
> You aren't going to be able to change an existing file system in place.
> Probably the easiest solution is to back up your data and configuration
> information and reinstall.
I think I have enough free space to juggle things. I've got the
rootfs and swap on LVM and have tons of free space. In theory I could
shrink the rootfs ext3, shrink the LogVol00 containing that ext3, and
create a new logical volume to contain /home that I intend to encrypt.
While I'm at it I'll also encrypt swap, but with an ephemeral key that
gets pulled from /dev/random on each boot.
> You can use cryptsetup (using the luks commands) to set up an encrypted
> block device on top of a partition. You can then use mkfs to make a new
> file system on top of the encrypted device. This is what you would do for
> setting up encryption on a usb device. For a file system you want mounted
> at boot time, you'll also need to make an entry in /etc/fstab.
Thanks! I think that's the key I needed.
-wolfgang
--
Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only)
You may need to config 6to4 to see the above pages.
More information about the fedora-list
mailing list