[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: etch installer and dm-crypt

> > The best would be, to have i.e. 3 encrypted partitions, give one 
> > passphrase at boottime, and that's it.
> 
> If you don't want to type so many passwords, why not just use 1
> partition?

Is it useful, to have just a unencrypted /boot partition and encrypt all 
the rest on a second one?
I thought the recommended way is to encrypt /home /tmp and /var 
because there my 'personal' files are - and let the rest unencrypted 
due to the perfomance ...

> If you really want multiple encrypted partitions you'll probably have
> to hack the init script in the initrd.  The first google hit:
> 
> http://www.debian-administration.org/articles/179
> 
> shows an example "mkinitrd.dmcrypt-usb" script.  Just after it does a
> cryptsetup on the rootfs you would setup your other two partitions.
> 
> And, yes this is talking about a usb flash drive, but the basic ideas
> apply to HD installations as well.

Thanks for this hint. I found this link before, but didn't recognise 
that it could be useful for a hdd-encryption...


sigi.
Reply to: