encrypt my system
 

Hi!

As I'm considering more and more reinstalling completely my system my whole computer, I was thinking about securing it by the way.

It's not really that I've something to hide but my private data are... private :rolleyes:

So I don't really know the different solution but I've heard of some.
I think gpg is only for individual files and not a whole partition.
TrueCrypt allow to encrypt a partition but I don't think it's possible to use it at start-up.
I read that LVM do also encryption, is that right ?
I saw an article about encrypting the home directory with eCrypt
There is also LUKS but know nothing about it.

Do you know others ?
What's the difference between them ?

One thing important with the encryption is that I want to be able to access easily without too much difficulties my data in case my computer crash or something like that. I don't want to lose access to my data if something bad happens.

I don't mind using the command line while it's not annoying in the every day life (I maybe don't want to do 5 commands each time I start my computer or mount an usb key)

Thank you

Hi,

LVM does not do encryption. However, it is used when you want to encrypt your system. Not sure why exactly it is preferred to normal partitioning, but it has something to do with certain functionality (like hibernate) that would otherwise not be available. At least this is for Ubuntu the case. Now how you would want to setup your system depends on your harddisk layout. One easy way is to create one small boot partition (appr. 500MB will suffice) and one big root partition. Then you encrypt the root partition, and create at least two logical volumes in the encrypted partition. One for root and one for swap. It is important to use encrypted swap, otherwise files that get swapped would remain unencrypted after system shutdown.
The boot partition has to remain unencrypted.

Here is a good tutorial on how to install Ubuntu in an encrypted partition.
http://eubolist.wordpress.com/2010/0...using-live-cd/

I see in your profile that you use archlinux. I am not familiar with that, but if it has an option to install via liveCD then the procedure should be adaptable with a few minor changes.

Hope this helps.

Hum I'm not sure I understood that :D

I haven't tested it (yet) but I think LVM is great because you can resize your disk easily without having to move a partition, do a full backup of your whole computer every time you do something,...

Thank you for your link, I'll have a look

I think ubuntu is the only distribution allowing to do that during the installation (I mean so easily)
I suppose you can encrypt every system with every software

I know you can encrypt the whole disk with fedora 12 and debian lenny too. It's a little annoying though, you need a password to boot. My laptop just has an encrypted home folder though, which uses my login password when I log in. Not as secure, but enough to stop a thief looking for credit card numbers.

Yes I don't think it's really usefull to encrypt the whole system, the most important informations are on the root partition.
So you can decrypt it just when you log in ?
what is the program you used ?