Encrypting a partition
Luciano Rocha
strange at nsk.no-ip.org
Mon Dec 24 11:04:05 UTC 2007
On Mon, Dec 24, 2007 at 03:20:26PM +0530, Amitakhya Phukan wrote:
> Hi all!
>
> I want to know how I can encrypt my /home partition which is inside a
> Logical Volume to increase the security.
Yes, make a backup of your /home, then format the partition with:
1. cryptsetup luksFormat /dev/volgroup/home
2. cryptsetup luksOpen /dev/volgroup/home chome
3. mke2fs -j -O dir_index -L /home /dev/mapper/chome
Then add it to /etc/crypttab:
chome /dev/volgroup/home none
Then change /etc/fstab, the line that mounts /home, to mount from
/dev/mapper/chome.
> Also, should I also encrypt the
> main / partition??
There's little point in that, but it does add more security. Also, you
should encrypt any swap and, if not encrypting /home, /tmp:
Add to /etc/crypttab:
1. cswap /dev/volgroup/swap /dev/urandom swap
2. ctmp /dev/volgroup/tmp /dev/urandom tmp
3. cvartmp /dev/volgroup/vartmp /dev/urandom tmp
Then add to /etc/fstab:
/dev/mapper/cswap swap swap defaults 0 0
/dev/mapper/ctmp /tmp ext2 defaults 0 0
/dev/mapper/cvartmp /var/tmp ext2 defaults 0 0
There may be some graphical tool that allows all this, but I'm a
command-line person.
--
lfr
0/0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20071224/c500a894/attachment-0001.bin
More information about the users
mailing list