LinuxQuestions.org

Cultist 12-23-2010 09:37 PM

Is there a way to encrypt all your partitions?
 
I'm wondering if there might be a way to encrypt your entire disk, with the decryption key being entered at boot, so that no one can read your hd contents by any means without the key.

I know TrueCrypt offers a similar functionality for Windows, but it isn't in the Linux port. Anyone know an alternative?

macemoneta 12-23-2010 10:57 PM

Most distributions offer that option at installation now. You also have the option of encrypting partitions when you format them with many GUI tools (like gnome-disk-utility). If you want to encrypt on a directory level, the fuse encfs command can do that.

dE_logics 12-24-2010 12:24 AM

World class encryption lies inside the Linux kernel (which US govt uses).

You have to do it using device mapper and cryptsetup.

Cultist 01-02-2011 09:27 PM

Quote:

Originally Posted by dE_logics (Post 4201782)
World class encryption lies inside the Linux kernel (which US govt uses).

You have to do it using device mapper and cryptsetup.

Can this be done on partitions that already have an OS and everything, or does it have to be formatted differently?

Cultist 02-18-2011 04:55 PM

bump

TobiSGD 02-18-2011 06:58 PM

You cannot encrypt the whole system. Encryption is done in the kernel, but the kernel has to be loaded first to decrypt your partitions. So you need at least one partition that is not encrypted, the /boot-partition, so that your bootloader can start your OS.

Reuti 02-18-2011 07:21 PM

Quote:

Originally Posted by TobiSGD (Post 4263354)
So you need at least one partition that is not encrypted, the /boot-partition, so that your bootloader can start your OS.

Yep, but grub, kernel and initrd could be on a CD, USB stick or delivered via PXE. Like running FreeNAS from CD where all attached disks are encrypted.

Another (expensive) option would be hardware encryption where you have to enter a passphrase first, maybe even generated by something like the RSA SecurID.

TobiSGD 02-18-2011 07:48 PM

Quote:

Originally Posted by Reuti (Post 4263367)
Yep, but grub, kernel and initrd could be on a CD, USB stick or delivered via PXE. Like running FreeNAS from CD where all attached disks are encrypted.

Another (expensive) option would be hardware encryption where you have to enter a passphrase first, maybe even generated by something like the RSA SecurID.

You are right, I haven't thought of that.

phil.d.g 02-19-2011 04:38 AM

Quote:

Originally Posted by Cultist (Post 4210964)
Can this be done on partitions that already have an OS and everything, or does it have to be formatted differently?

You can't convert data on an existing partition from plain text to encrypted.

You need to back up, set up the encryption container and restore your backup onto it. If you want to encrypt the partition the OS is installed on, the easiest way is to reinstall.

DJ Shaji 02-19-2011 05:14 AM

Quote:

Originally Posted by TobiSGD (Post 4263354)
You cannot encrypt the whole system. Encryption is done in the kernel, but the kernel has to be loaded first to decrypt your partitions. So you need at least one partition that is not encrypted, the /boot-partition, so that your bootloader can start your OS.

Yes, but this partition can be as small as you want, so you won't lose much drive space.

You could make a modified initrd that runs cryptsetup if you want even finer control. Use LUKS with cryptsetup and you're set to go.

By the way, there is no security against rubberhose attacks, so be careful about whatever it is that you intend to do.

Cultist 02-22-2011 04:24 PM

Quote:

Originally Posted by dE_logics (Post 4201782)
World class encryption lies inside the Linux kernel (which US govt uses).

You have to do it using device mapper and cryptsetup.

Could someone point me to a guide that explains how to do this?

gilead 02-22-2011 05:31 PM

Since you're using Slackware in your distro list, have a look in the README_CRYPT.txt that came with it and search for the section "Combining LUKS and LVM" - it should be helpful.

DJ Shaji 02-22-2011 08:07 PM

Google it. There are plenty of guides available. Take note that your system will run slower if the root partition is encrypted. Also, if you use a swap partition, it will have to be unencrypted. This is especially important if you ever "hibernate" the system.


All times are GMT -5.