Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hey, so I've Googled around and I haven't found anything definitive. I was wondering how I'd encrypt a drive and have it auto mount at boot. I've found a couple "tutorials" that were like "it's easy, just do this, this, and this." But they weren't detailed.
I honestly don't know where to start because I don't know what daemons would handle it, if you even need them, I don't know. Does the kernel support drive encryption natively?
I also read about how encryption can be bad for data loss because the reason for encryption is a defense against digital forensics, so parity isn't an option. I really don't know enough about this, but I can't find a thorough and comprehensive source of information.
Can anyone point me in the right direction? Some documentation, lectures, lessons, just about anything to give me a crash course so I have a better understanding and sense of direction.
If you are talking about LUKS encryption, you can use /etc/crypttab to automatically unlock an encrypted volume and map it to a device name during mount processing. You might use this if you were going to encrypt only certain partitions, such as your /home partition. If you want to encrypt everything (e.g., your root filesystem and /home, etc), you'll need to create an unencrypted partition for /boot, and create an initrd (initial ram disk) with LUKS suppport using mkinitrd, then change GRUB or LILO to boot that.
I think many distros have guides on how to do this. While it might not apply directly to your situation with Ubuntu, you may find the Slackware README_CRYPT.TXT document informative, as it explains many of the concepts at length.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.