I run a dual-boot system with two physical harddrives, WinXP and Slackware 12.

Ive begun a reinstallation of Slack in order to encrypt the partitions (/home and /swap as minimum) to improve security of the files.

The current layout is

/sda1 NTFS
/sda2 /boot
/sda3 /swap
/sda4 /opt


/sdb1 /
/sdb2 /swap
/sdb3 /usr
/sdb4 /home

cryptsetup has until now been used on /swap and /home, but I consider encryption of all Linux partitions (/boot excluded ...) in order to secure the whole linux box. (i dont care about the XP - its only for games)

Now: If the /sda fails, or I othervise have to reinstall Slack, how do I reconstruct the access to the encrypted /home partition, through the cryptsetup procedure or ... ?

Any pointers to this will be welcome

Regards

Tell me, how would you reconstruct data from a failed hard disk drive, even if the data weren't encrypted.
I suggest you always keep a backup of encrypted file system.

Well - I won't be able to reconstruct the data on the failed disc. Its kind of basic knowledge, and was not what I asked ....

Anyway I'll just make a test and see what happens.

You might also want to look at the fuse-based encrypted filesystem. I don't see the point in encrypting the OS-specific parts of your system since those files are available to anyone who wants to download them from the Internet.

If you're thinking that you can avoid "crackers" by encrypting your drive, consider that most attacks are mounted against running systems, and, if your system is running, you OS files are "unencrypted" for anyone who breaks into your system at that time.

There is a "Security" forum here on LQ where you can find many people willing to help you secure your system.

Thank you very much for the pointer to fuse.

The reason for encrypting the whole system, was to ensure that logs, cache-files and other files like that would be safe from intrusion.

I did fiddle around, and made specific /var and /tmp partitions which will be the ones encrypted along with /home and /swap. The rest will be left open.