| 1 |
Hello Peter, |
| 2 |
|
| 3 |
dmcrypt works perfectly without initrd as long as you do not encrypt the |
| 4 |
root filesystem. |
| 5 |
|
| 6 |
So for encrypted home directories, you can just create and use a LUKS |
| 7 |
volume with dmcrypt (AFAIK the fastest and easy-to-use way). |
| 8 |
|
| 9 |
Regarding other techniques like gpg or truecrypt, you should keep in |
| 10 |
mind, that dmcrypt works directly in the kernelspace, so it may be a lot |
| 11 |
faster with the same encryption strength (but it don't know any |
| 12 |
benchmark about that). |
| 13 |
|
| 14 |
Regards, |
| 15 |
Felix |
| 16 |
|
| 17 |
Am 30.11.2011 16:40, schrieb czernitko: |
| 18 |
> Hello, thanks for your response, Neil! |
| 19 |
> As for dmcrypt usage, what do you think about truecrypt or pgp whole |
| 20 |
> disk encryption as alternatives to dmcrypt? |
| 21 |
> I would like to have only one partition with all home directories on |
| 22 |
> it, and I would like to avoid usage of initrd as I don't use it now |
| 23 |
> and I would like to keep it that way if possible. |
| 24 |
> |
| 25 |
> Peter |
| 26 |
> |
| 27 |
> |
| 28 |
> 2011/11/30 Neil Bothwick <neil@××××××××××.uk <mailto:neil@××××××××××.uk>> |
| 29 |
> |
| 30 |
> On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote: |
| 31 |
> |
| 32 |
> > I would like to set up an encrypted partition for my /home |
| 33 |
> directories |
| 34 |
> > on Gentoo Hardened. Which approach do you recommend? |
| 35 |
> |
| 36 |
> Do you want a single encrypted filesystem, or separately encrypted |
| 37 |
> home |
| 38 |
> directories for each user. for the former, emerge cryptsetup, use |
| 39 |
> it to |
| 40 |
> create the encrypted block device and set it up in |
| 41 |
> /etc/conf.d/dmcrypt. |
| 42 |
> |
| 43 |
> For individually encrypted home directories, using ecryptfs on top |
| 44 |
> of a |
| 45 |
> standard filesystem, as used by Ubuntu, is probably the best way. |
| 46 |
> |
| 47 |
> |
| 48 |
> -- |
| 49 |
> Neil Bothwick |
| 50 |
> |
| 51 |
> "You want us to do WHAT?" - Ancient Chinese wall engineer. |
| 52 |
> |
| 53 |
> |
Archives