| 1 |
On Sun, 2008-02-17 at 11:53 +0100, Florian Sowade wrote: |
| 2 |
> Randy Barlow wrote: |
| 3 |
> > I am probably being paranoid, but I'd like to encrypt my /home/username |
| 4 |
> > folder on my laptop. |
| 5 |
> |
| 6 |
> just another point: you should think about encrypting at least /tmp and swap |
| 7 |
> too, because temporary data will be stored there and if your home dir is |
| 8 |
> encrypted but those two are not one could simply read your data from there. |
| 9 |
> Have a look at this forum thread for the setup. because it uses random keys |
| 10 |
> you don't have to enter a passphrase at bootup: |
| 11 |
> http://forums.gentoo.org/viewtopic-t-298001-highlight-encrypt+ramdisk.html |
| 12 |
|
| 13 |
It's even worse when you hibernate because your whole RAM-content |
| 14 |
(including disk caches from your encrypted home-partition) is written to |
| 15 |
disk and encryption is not so easy because you have to ask for the |
| 16 |
pass-phrase on resuming in early userspace. Look here for how to solve |
| 17 |
it: |
| 18 |
http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS |
| 19 |
|
| 20 |
I fear I'll have to spend my Easter holidays converting my system with |
| 21 |
that guide. |
Archives