Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm a relative newby to Linux so forgive me if this is a simple question.
I know that if you install Ubuntu using the alternate CD, you can create a whole disk encrypted installation, but what about after a normal installation? What is the best procedure to use to get more than just the home folder encryted?
Installation of Fedora 13 gives the option during a normal install to encrypt more than just the home folder.
I really only want to encrypt my Ubuntu partition. I have a laptop with a multi-boot setup with Windows 7, Fedora 13 and Ubuntu 10.04 all residing in their own partition. Because of this setup I really can't use whole disk encryption.
I use Truecrypt on my Windows 7 partition and it works great but encryption of a Linux system partition is not supported.
I think it'll be difficult to do a "full" system encryption after the setup, because you'd probably need to wipe your existing partitions during the process. A home partition might well work, because you don't actually need it to run the system, but root parititon is then a whole other story..whatever way there is, I think it involves running the system a while from someplace else than the actual installation, which makes it more or less the same as if you'd just reinstall the system. Also, if you do reinstall, you don't have to think about gimmicks, just take backups, do the job and push the backups back in. Easier, safer and for all I know, faster too.
Remember that even if you do encrypt your "whole" system, you'll still have to leave a small portion unencrypted (so you can boot), and that's the weak point. At present, nothing you do will make the system inpenetrable, if you're even a little paranoid. Though if your biggest worries are younger-than-teen kids and their pranks, you're all right.
The easiest and quickest way is to use the alternate install cd. Create 2 partitions for Ubuntu, one for /boot and one as an luks container (encrypted partition). Use your luks container as a physical volume for LVM and create logical volumes for / (root), swap and /home, /tmp if you wish.
Then run through the install as normal. What your left with is everything except /boot encrypted, because there is only one container you only need one passphrase to boot the system. Even swap is encrypted so you can hibernate safely.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.