Re: etch installer and dm-crypt
> > The best would be, to have i.e. 3 encrypted partitions, give one
> > passphrase at boottime, and that's it.
>
> If you don't want to type so many passwords, why not just use 1
> partition?
Is it useful, to have just a unencrypted /boot partition and encrypt all
the rest on a second one?
I thought the recommended way is to encrypt /home /tmp and /var
because there my 'personal' files are - and let the rest unencrypted
due to the perfomance ...
> If you really want multiple encrypted partitions you'll probably have
> to hack the init script in the initrd. The first google hit:
>
> http://www.debian-administration.org/articles/179
>
> shows an example "mkinitrd.dmcrypt-usb" script. Just after it does a
> cryptsetup on the rootfs you would setup your other two partitions.
>
> And, yes this is talking about a usb flash drive, but the basic ideas
> apply to HD installations as well.
Thanks for this hint. I found this link before, but didn't recognise
that it could be useful for a hdd-encryption...
sigi.
Reply to: