[dm-crypt] FYI: how to (really) cleanly shutdown the system when root is on multiple stacked block devices
ml at mareichelt.com
Fri Jul 2 20:48:54 CEST 2010
* Milan Broz <mbroz at redhat.com> wrote:
> On 06/27/2010 02:20 AM, markus reichelt wrote:
> >* Arno Wagner<arno at wagner.name> wrote:
> >>Hmm. You know, encrypted root is a problem and pretty difficult
> >>to do in the rfirt place. Why not just encrypt the critical
> >>parts, like /var /home /root? The rest only holds binaries and
> >>config files anyways, which are not that sensitive...
> >Are you serious?
> Usually encrypting everything is better, otherwise we add many
> problems here.
I phrased the question badly. My point is: Leaving /etc in plain but
encrypting /home (at least) leaves you wide wide open these days to
identity theft; wpa_supplicant and related foo, openvpn, ssh host
keys, ... just to name a few. That's what I was after.
left blank, right bald
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 836 bytes
Desc: not available
More information about the dm-crypt