1 |
Am 02.01.2012 11:49, schrieb Florian Philipp: |
2 |
> Am 02.01.2012 09:07, schrieb Stéphane Guedon: |
3 |
>> Hi all |
4 |
>> |
5 |
>> I may ask something already discussed, but I can't find any good documentation. |
6 |
>> I am wondering of how to secure my home repository on my laptop. I am thinking |
7 |
>> of cryptography and other things (the password uncrypt the repository and |
8 |
>> allows to read files...). |
9 |
>> |
10 |
>> What tool to use for ? Anybody knows a good doc (in french would be really |
11 |
>> good) ? |
12 |
>> |
13 |
>> I am not really paranoïd, but I work now in a quite important environnement |
14 |
>> and want any data I get out to be secured... |
15 |
> |
16 |
> I recommend dm-crypt (a.k.a. cryptsetup-luks). It encrypts the block |
17 |
> device under the actual file system. Gentoo wiki has some tutorials on |
18 |
> it (although you don't need much of it): [1] [2] |
19 |
> |
20 |
> If you only want to encrypt your home partition, you only need to follow |
21 |
> these steps: |
22 |
> |
23 |
> 1. Create an encrypted partition (see `man cryptsetup`) |
24 |
> 2. Move /home/* over to it (don't forget backup) |
25 |
> 3. Configure /etc/conf.d/dmcrypt |
26 |
> 4. Add /etc/init.d/dmcrypt to boot runlevel |
27 |
5. Add it to /etc/fstab (the 'target=' line in /etc/conf.d/dmcrypt |
28 |
specifies the name). |
29 |
> [...] |
30 |
|
31 |
I recommend testing it with some easily recoverable file system like |
32 |
/var/tmp or /usr/src/portage. |