LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-18-2008, 11:40 AM   #1
sbjepsen
LQ Newbie
 
Registered: May 2007
Location: Denmark
Distribution: Slackware
Posts: 3

Rep: Reputation: 0
Encryption of harddrive


I run a dual-boot system with two physical harddrives, WinXP and Slackware 12.

Ive begun a reinstallation of Slack in order to encrypt the partitions (/home and /swap as minimum) to improve security of the files.

The current layout is

/sda1 NTFS
/sda2 /boot
/sda3 /swap
/sda4 /opt


/sdb1 /
/sdb2 /swap
/sdb3 /usr
/sdb4 /home

cryptsetup has until now been used on /swap and /home, but I consider encryption of all Linux partitions (/boot excluded ...) in order to secure the whole linux box. (i dont care about the XP - its only for games)

Now: If the /sda fails, or I othervise have to reinstall Slack, how do I reconstruct the access to the encrypted /home partition, through the cryptsetup procedure or ... ?

Any pointers to this will be welcome

Regards
 
Old 01-20-2008, 01:56 AM   #2
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
Tell me, how would you reconstruct data from a failed hard disk drive, even if the data weren't encrypted.
I suggest you always keep a backup of encrypted file system.
 
Old 01-20-2008, 12:56 PM   #3
sbjepsen
LQ Newbie
 
Registered: May 2007
Location: Denmark
Distribution: Slackware
Posts: 3

Original Poster
Rep: Reputation: 0
Well - I won't be able to reconstruct the data on the failed disc. Its kind of basic knowledge, and was not what I asked ....

Anyway I'll just make a test and see what happens.
 
Old 01-20-2008, 01:25 PM   #4
PTrenholme
Senior Member
 
Registered: Dec 2004
Location: Olympia, WA, USA
Distribution: Fedora, (K)Ubuntu
Posts: 4,186

Rep: Reputation: 346Reputation: 346Reputation: 346Reputation: 346
You might also want to look at the fuse-based encrypted filesystem. I don't see the point in encrypting the OS-specific parts of your system since those files are available to anyone who wants to download them from the Internet.

If you're thinking that you can avoid "crackers" by encrypting your drive, consider that most attacks are mounted against running systems, and, if your system is running, you OS files are "unencrypted" for anyone who breaks into your system at that time.

There is a "Security" forum here on LQ where you can find many people willing to help you secure your system.
 
Old 01-20-2008, 02:47 PM   #5
sbjepsen
LQ Newbie
 
Registered: May 2007
Location: Denmark
Distribution: Slackware
Posts: 3

Original Poster
Rep: Reputation: 0
Thank you very much for the pointer to fuse.

The reason for encrypting the whole system, was to ensure that logs, cache-files and other files like that would be safe from intrusion.

I did fiddle around, and made specific /var and /tmp partitions which will be the ones encrypted along with /home and /swap. The rest will be left open.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux password encryption and data encryption Tux-Slack Programming 4 06-20-2007 06:46 AM
Fedora Core 6 won't recognize second internal harddrive or usb harddrive Rockgod1969 Linux - Hardware 14 01-26-2007 01:03 AM
Harddrive encryption and FTP Gunrunner Linux - Security 5 07-15-2005 06:08 AM
Installing linux on 2nd harddrive(dual boot) windows on seperate harddrive lysol Linux - Software 25 08-03-2004 09:33 AM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 08:47 PM


All times are GMT -5. The time now is 10:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration