:: Re: [DNG] Complete system HDD encry…
Top Page
Delete this message
Reply to this message
Author: Olaf Meeuwissen
To: Steve Litt
CC: dng
Subject: Re: [DNG] Complete system HDD encryption w/o LLVM.
Hi Steve,

Steve Litt writes:

> On Tue, 29 Sep 2020 20:58:42 +0700
> Андрей via Dng <dng@???> wrote:
>> Hello.
>> I've seen on the DeVuan web wite an article on complete system HDD
>> encryption using LLVM. I have tried that one and found that it is
>> impossible to change partiotion sizes once it was autopartiotioned,
>> using LLVM full system HDD encryption.
> If your /home partition is encrypted, and any other "data" partitions
> are encrypted, and perhaps your swap partition is encrypted (is that
> possible?) then I think it's pretty easy. Why would one need /usr and
> /etc and /var encrypted?

- /usr?  Depends on what gets stuffed under /usr/local/
- /etc?  'cause you might end up saving clear text passwords there ...
         Oh!  I found one below /etc/wpa_supplicant/.
         There might be others.
- /var?  Eh, /var/spool/ may have mail and print jobs, at least for some
         time.  /var/log/ may contain sensitive stuff ...

That said, I generally agree that for _most_ of *my* purposes there is
no real need to have those trees encrypted. Still on the machine I am
now typing this mail *everything* is, the whole of it from / on down.

Hope this helps,
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Join the Free Software Foundation              https://my.fsf.org/join