On Mon, Dec 24, 2007 at 03:20:26PM +0530, Amitakhya Phukan wrote:
Hi all!
I want to know how I can encrypt my /home partition which is inside a
Logical Volume to increase the security.
Yes, make a backup of your /home, then format the partition with:
1. cryptsetup luksFormat /dev/volgroup/home
2. cryptsetup luksOpen /dev/volgroup/home chome
3. mke2fs -j -O dir_index -L /home /dev/mapper/chome
Then add it to /etc/crypttab:
chome /dev/volgroup/home none
Then change /etc/fstab, the line that mounts /home, to mount from
/dev/mapper/chome.
Also, should I also encrypt the
main / partition??
There's little point in that, but it does add more security. Also, you
should encrypt any swap and, if not encrypting /home, /tmp:
Add to /etc/crypttab:
1. cswap /dev/volgroup/swap /dev/urandom swap
2. ctmp /dev/volgroup/tmp /dev/urandom tmp
3. cvartmp /dev/volgroup/vartmp /dev/urandom tmp
Then add to /etc/fstab:
/dev/mapper/cswap swap swap defaults 0 0
/dev/mapper/ctmp /tmp ext2 defaults 0 0
/dev/mapper/cvartmp /var/tmp ext2 defaults 0 0
There may be some graphical tool that allows all this, but I'm a
command-line person.
--
lfr
0/0