Is there a way to encrypt all your partitions?
I'm wondering if there might be a way to encrypt your entire disk, with the decryption key being entered at boot, so that no one can read your hd contents by any means without the key.
I know TrueCrypt offers a similar functionality for Windows, but it isn't in the Linux port. Anyone know an alternative? |
Most distributions offer that option at installation now. You also have the option of encrypting partitions when you format them with many GUI tools (like gnome-disk-utility). If you want to encrypt on a directory level, the fuse encfs command can do that.
|
World class encryption lies inside the Linux kernel (which US govt uses).
You have to do it using device mapper and cryptsetup. |
Quote:
|
bump
|
You can not encrypt the whole system. Encryption is done in the kernel, but the kernel has to be loaded first to decrypt your partitions. So you need at least one partition that is not encrypted, the /boot-partition, so that your bootloader can start your OS.
|
Quote:
Another (expensive) option would be hardware encryption where you have to enter a passphrase first, maybe even generated by something like the RSA SecurID. |
Quote:
|
Quote:
You need to backup, setup the encryption container and restore your backup onto it. If you want to encrypt the partition the OS is installed on the easiest way is to reinstall. |
Quote:
You could make a modified initrd that runs cryptsetup if you want even finer control. Use LUKS with cryptsetup and you're set to go. By the way, there is no security against rubberhose attacks, so be careful about whatever it is that you intend to do. |
Quote:
|
Since you're using Slackware in your distro list, have a look in the README_CRYPT.txt that came with it and search for the section "Combining LUKS and LVM" - it should be helpful.
|
Google it. There are plenty of guides available. Take note that your system will run slower if the root partition is encrypted. Also, if you use a swap partition, it will have to be unencrypted. This is especially important if you ever "hibernate" the system.
|
All times are GMT -5. The time now is 08:57 PM. |