[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: enxcryption of the whole system

On Wed, Nov 14, 2007 at 07:53:03PM +0100, Hans-J. Ullrich wrote:
> I do not know, if I dare to ask some question here, as it is not real amd64 
> related. Well, I try it...
> I want to encrypt my whole system = all partitions. I only found Debian 
> related howto, which only tell me it, to do this during the installation 
> (using LVM and so on), As I have installed my whole system already and do not 
> format and reinstall my partitions, I would like to encrypt it now.
> Just my questions: 
> 1. Is this possible at all ? (I would prefer dm_crypt) 
> 2. Must I use LVM ? 
> 3. In case, I have to reformat my partitions, can I backup my datas to another 
> host (i.e. with rsync), and play it onto the enrypted filesystem back to the 
> encrypted partitions ?
> Thank you very, very much for any help !

Given doing encryption requires use of loopback mounted or dm_crypt
there is no way to install it without redoing your filesystems.

You should be able to backup your data and restore it, although of
course you have to not overwrite the configurations in /etc related to
the crypt/lvm/etc setup.  Of course your actual data should be in your
home directory or some other relevant data location anyhow.

But yes to get encryption you pretty much have to backup everything and
reinstall.  Adding raid also requires a re setup (although raid can be
done on the fly by someone very experienced with linux software raid
without a reinstall but it involves manually creating new devices and
copying data around and changing boot arguments along the way a few
times.  Encryption is even more complex than software raid).

Len Sorensen

Reply to: