1 |
On Sun, 2008-02-17 at 11:53 +0100, Florian Sowade wrote: |
2 |
> Randy Barlow wrote: |
3 |
> > I am probably being paranoid, but I'd like to encrypt my /home/username |
4 |
> > folder on my laptop. |
5 |
> |
6 |
> just another point: you should think about encrypting at least /tmp and swap |
7 |
> too, because temporary data will be stored there and if your home dir is |
8 |
> encrypted but those two are not one could simply read your data from there. |
9 |
> Have a look at this forum thread for the setup. because it uses random keys |
10 |
> you don't have to enter a passphrase at bootup: |
11 |
> http://forums.gentoo.org/viewtopic-t-298001-highlight-encrypt+ramdisk.html |
12 |
|
13 |
It's even worse when you hibernate because your whole RAM-content |
14 |
(including disk caches from your encrypted home-partition) is written to |
15 |
disk and encryption is not so easy because you have to ask for the |
16 |
pass-phrase on resuming in early userspace. Look here for how to solve |
17 |
it: |
18 |
http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS |
19 |
|
20 |
I fear I'll have to spend my Easter holidays converting my system with |
21 |
that guide. |