Sjors van der Pluijm wrote:
i maintain a few laptops with encryption and i developed the following habit.Op vrijdag 8 januari 2010 12:26:37 schreef Stan Hoeppner:Well, I might heave read wrong, but I thought the Debian installer warned me not to leave swap unencrypted while other partitions are encrypted. It makes sense too: sensitive content could easily be written to swap.Sjors van der Pluijm put forth on 1/8/2010 5:13 AM:3. Is it ok to have swap and /boot on an encrypted LVM?Never run encryption on swap. Doing so merely burdens performance. I doubt even NSA, CIA, MI6 encrypt swap partitions on workstations.
/ 10GB /home the rest + encryptionthese are fairly new laptops with or more then 1GB RAM, simply not having any /swap solves the problem and with enough RAM available i never had any problem.
not having the / root partition encrypted leaves some room for trouble shooting is the thought here since the sensitive information is in the /home anyway.
not sure if this is the best way to do this but its simple and works nicely in my experience.
Randall