Quote:
Originally Posted by jschiwal
I don't see the sense in encrypting system directories. Why would you need to encrypt /bin/bash? Also, /etc/crypto is read by the kernel to determine which partitions are encrypted.
You can have an encrypted partition for data directories such as /home and maybe /tmp and /var. Then the blocks are encrypted on the drive and you give the password when you boot up.
You may opt for a very small swap file to reduce the probability that it will be used to cache memory holding personal information.
|
Hi and Thanks;
I guess the reason is keeping other people from successfully reading your drive, or making it harder. Another reason would be stealth, say encrypting a linux os on a usb drive to leave no trace say for computer forensics, privacy, embedded linux or hacking. Making the file system unreadable will keep most average computer users or wanna be hackers out of your stuff. I've seen this done by a couple of different vendors, a file system which boots and runs application and is unreadable except sector by sector. I'm curious if this is how they do it.
xor