Hi Steve,
Steve Litt writes:
> On Tue, 29 Sep 2020 20:58:42 +0700
> Андрей via Dng <dng@???> wrote:
>
>> Hello.
>>
>>
>> I've seen on the DeVuan web wite an article on complete system HDD
>> encryption using LLVM. I have tried that one and found that it is
>> impossible to change partiotion sizes once it was autopartiotioned,
>> using LLVM full system HDD encryption.
>
> If your /home partition is encrypted, and any other "data" partitions
> are encrypted, and perhaps your swap partition is encrypted (is that
> possible?) then I think it's pretty easy. Why would one need /usr and
> /etc and /var encrypted?
- /usr? Depends on what gets stuffed under /usr/local/
- /etc? 'cause you might end up saving clear text passwords there ...
Oh! I found one below /etc/wpa_supplicant/.
There might be others.
- /var? Eh, /var/spool/ may have mail and print jobs, at least for some
time. /var/log/ may contain sensitive stuff ...
That said, I generally agree that for _most_ of *my* purposes there is
no real need to have those trees encrypted. Still on the machine I am
now typing this mail *everything* is, the whole of it from / on down.
Hope this helps,
--
Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27
GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9
Support Free Software https://my.fsf.org/donate
Join the Free Software Foundation https://my.fsf.org/join