
Re: Full Disk Encryption



Rick Thomas wrote:
> Bob Proulx wrote:
> >The way I like to set up the system is to set up /boot in its own
> >partition on /dev/sda1.  Then set up the rest of the disk in /dev/sda5
> >as a logical partition for an encrypted partition.  Then use that
> >encrypted partition for one large LVM volume.  This includes swap.
> >You definitely want to encrypt swap along with everything else.
> 
> Unless you are concerned about growing swap at some later date,

The question is would I ever want to have less than that minimum
amount of swap space?  Would I mind dedicating a physical partition of
a hard size?  Probably okay.  I would probably never want to reduce it
in practice.  And I could always create a new lvm logical volume later
to add more if needed.

But in general I do like having the ability to resize all partitions.
And it is very convenient to treat swap the same as any other logical
volume.

> you should leave swap out of the LVM and encrypt it separately --
> with a *random* key.
>
> I.e. something like this in /etc/crypttab:
> ># Swap
> >hda4_crypt /dev/hda4 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap
> 
> You don't have to provide an extra key at boot time for swap (the
> system generates it automatically).

That is clever.  Not enough to convince me to use it myself though. :-)
Clever enough for me to note it down for future reference.

I think including a hard partition and using a one time throw away
encryption key for it as you suggest is a fine configuration.  But I
don't think I will go for it that way personally.  It is a little more
complex than just keeping it in another logical volume.  I think
simpler is better and that sways me that direction.

> This way, when the system is turned off, your swap becomes
> undecipherable.

Yes.  But that is also true when you have swap included in an
encrypted volume.  If your laptop is stolen then in neither case can
someone get access to any of the data on it.  At that level, there is
no difference.

> If you put swap on the LVM, its contents survive a reboot, and
> therefore can be read by anyone who has the key to the LVM.

Of course that is true.  Since the key is a one time use throw-away
key it creates a throw-away container.  But is it important?  I don't
think so.  Are you trying to protect yourself from yourself?

The point is that no one who *doesn't* have the key can read the disk.
You as the laptop owner are the one with the encryption key.  No one
else can access the data on the disk.  With either configuration.

I will give you that it is a clever configuration though.

Bob
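
The two layouts compared in this message differ in whether the swap key survives power-off. As an added example (not part of the original message and not written by either poster), this Python sketch parses crypttab-style lines and classifies each mapping accordingly; the function names and every sample line except the quoted hda4_crypt entry are assumptions made for illustration.

```python
RANDOM_SOURCES = {"/dev/urandom", "/dev/random"}

# Constructed sample. The first entry is the line quoted in the message;
# the sda5_crypt and scratch entries are assumptions for illustration.
SAMPLE = """\
# <target> <source device> <key file> <options>
hda4_crypt /dev/hda4 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap
sda5_crypt /dev/sda5 none luks
scratch /dev/sdb1 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256
"""

def parse_crypttab(text):
    """Return (target, device, keyfile, options) tuples, skipping comments."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue  # blank, comment, or malformed line
        keyfile = fields[2] if len(fields) > 2 else "none"
        opts = {}
        for item in (fields[3].split(",") if len(fields) > 3 else []):
            name, _, value = item.partition("=")
            opts[name] = value
        entries.append((fields[0], fields[1], keyfile, opts))
    return entries

def classify(keyfile, opts):
    """Say whether a mapping's contents can be read again after power-off."""
    random_key = keyfile in RANDOM_SOURCES
    if random_key and "swap" in opts:
        return "ephemeral-swap"   # fresh key and mkswap at every boot
    if random_key:
        return "ephemeral-other"  # fresh key, but nothing formats it as swap
    return "persistent"           # readable by whoever holds the key

def report(text):
    """Map each target name to its classification."""
    return {t: classify(k, o) for t, _dev, k, o in parse_crypttab(text)}

if __name__ == "__main__":
    for target, kind in report(SAMPLE).items():
        print(f"{target}: {kind}")
```

Swap kept as a logical volume inside a mapping like sda5_crypt falls under that mapping's "persistent" classification.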
