[dm-crypt] Encrypting several disks with the same password + keyfile combinaison
ms at citd.de
Tue Apr 15 00:20:06 CEST 2014
On 14.04.2014 21:24, Xavier MONTILLET wrote:
> - (b) Use LUKS (which I would prefer to avoid, if it doesn't comprimise the
> security, because it adds a weak spot against disk failure: the header)
There are more "weak spots". Yyou even add one, but i guess adding two
is "too much"?
- Partition Table
- Superblock(s) of the filesystem(s)
- There are or at least i think there are a few "critical" blocks in
each filesystem that i think will ruin your day if damaged.
Personally i unintentionaly did away with one (Partition Table) and
don't use another (LVM), but that still leaves at least the
superblock(s) of the filesystem.
Btw. You can also use LUKS with a deattached header and/or backup the
header, so it's not weaker than the other weak spots.
More information about the dm-crypt