|
benefit of mounting luks encrypted partition at boot
Hello all,
I would like to start by saying I know how to create a luks encrypted partition, and also having it automount on boot (with and without asking for passphrase at boot) My question is this: The entire purpose of luks encryption is to force a passphrase in order to mount (more security) If I were to do a luksAddKey and have the partition automount at boot without requesting a passphrase... is the partition still more secure than a non-encrypted partition? Otherwise it seems as if putting a luks encrypted partition in the fstab is a terrible idea, unless you're always infront of the console, and not remote... thoughts? |
Unless the device containing the keyfile is itself encrypted (which would require someone to be available to unlock that device), there would be essentially zero added security.
|
That's what I thought. Thank you for clarifying.
|
| All times are GMT -5. The time now is 01:22 AM. |