:: Re: [DNG] Complete system HDD encry…
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Olaf Meeuwissen
Fecha:  
A: Steve Litt
Cc: dng
Asunto: Re: [DNG] Complete system HDD encryption w/o LLVM.
Hi Steve,

Steve Litt writes:

> On Tue, 29 Sep 2020 20:58:42 +0700
> Андрей via Dng <dng@???> wrote:
>
>> Hello.
>>
>>
>> I've seen on the DeVuan web wite an article on complete system HDD
>> encryption using LLVM. I have tried that one and found that it is
>> impossible to change partiotion sizes once it was autopartiotioned,
>> using LLVM full system HDD encryption.
>
> If your /home partition is encrypted, and any other "data" partitions
> are encrypted, and perhaps your swap partition is encrypted (is that
> possible?) then I think it's pretty easy. Why would one need /usr and
> /etc and /var encrypted?


- /usr?  Depends on what gets stuffed under /usr/local/
- /etc?  'cause you might end up saving clear text passwords there ...
         Oh!  I found one below /etc/wpa_supplicant/.
         There might be others.
- /var?  Eh, /var/spool/ may have mail and print jobs, at least for some
         time.  /var/log/ may contain sensitive stuff ...


That said, I generally agree that for _most_ of *my* purposes there is
no real need to have those trees encrypted. Still on the machine I am
now typing this mail *everything* is, the whole of it from / on down.

Hope this helps,
--
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Join the Free Software Foundation              https://my.fsf.org/join