[Cialug] Encrypting filesystems - WAS: OT: Macbook for sale

Jeffrey Ollie jeff at ocjtech.us
Wed Dec 16 09:46:13 CST 2009


On Wed, Dec 16, 2009 at 9:29 AM, Nathan C. Smith <nathan.smith at ipmvs.com> wrote:
>
> I’ve never used the encrypting filesystems on Linux.  Are they easy to
> configure?  Is anyone on the list using one?  Can you boot from an encrypted
> filesystem?

Recent Fedora versions make it dead easy to encrypt your filesystems,
at least with a fresh install (I've never tried to retrofit encryption
onto an already installed system).  I'd imagine that Ubuntu has pretty
decent support too.  I've run my laptop with disk encryption for over
a year without any problems, although I'm sure I lose a little
performance due to the encryption overhead.

You don't really 'boot' from the encrypted partition...  The /boot
partition is left unencrypted so that BIOS and grub can load the
kernel and initial ram disk.

Note that disk encryption doesn't protect you if someone hostile gets
access to your laptop, and then *gives it back* - they may have
installed a keylogger or similar device to capture your passphrase and
circumvent your encryption.

-- 
Jeff Ollie


More information about the Cialug mailing list