On Mon, 2011-04-25 at 07:14 -0400, ssc1478 wrote:
I encrypt the home directory - to defend against theft. But entering the passphrase at every boot each time is not all that friendly.
I encrypt the main volume, which holds all the partitions. You get asked to enter a password before boot can get past the first few stages. Then everything acts like an unencrypted drive, as far as you're concerned.
Better that a thief can't boot things, at all. So they'll have a virtually useless computer, or they'll just install Windows on the laptop, erasing all your files in the process.
Hmm, I wonder if that's a good choice to stick into the GRUB menu for a laptop that might be stolen? A "Re-install Windows" item that fires up some procedure that wipes drive and starts an installation, of some sort.