Encrypted home directory
David Nielsen
gnomeuser at gmail.com
Sun Dec 21 20:35:08 UTC 2008
2008/12/21 Richard W.M. Jones <rjones at redhat.com>
> On Sun, Dec 21, 2008 at 07:47:15PM +0100, David Nielsen wrote:
> > I've been running using dm-crypt for a while now but it seems to me that
> > when all I have is some photos and documents I don't want to fall into
> the
> > wrong hands in case my machine is stolen, it's seems like overkill to
> > encrypt everything. Additionally it's some what cumbersome to have to
> unlock
> > the drive during boot. Another problem might be the performance hit of
> full
> > disk encryption on these low powered netbooks being unacceptable making
> > those a good target for a more lightweight solution?
>
> Won't solve your unlocking problem, but why not have a separate
> encrypted /home partition? I've had separate /home partitions for
> years, not for encryption, just because that's the directory I really
> care about, so I want to be able to handle it specially anyway.
/home is seperate on all my boxes, so yes that solution would work. I do
believe Ubuntu' solution is a seperate partition they map to a folder called
Private in your home dir which is unlocked at login. I have no idea of the
security of that solution but it does seem that this way one could keep a
few files secret while the machine is powered down so if it gets lost in the
airport e.g. those few precious personal files don't fall into the wrong
hands.
> The other reason to _not_ encrypt the system directories is so that
> system files can be easily mmapped into memory. And after all, there
> is no secret in the system files.
no secrets.. but how else would the penguins send me coded messages to
convey the dropbox locations?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/devel/attachments/20081221/6f885061/attachment.html
More information about the devel
mailing list