Re: LVM+RAID+CRYPT

To: debian-user@lists.debian.org
Subject: Re: LVM+RAID+CRYPT
From: Stan Hoeppner <stan@hardwarefreak.com>
Date: Fri, 08 Jan 2010 05:26:37 -0600
Message-id: <[🔎] 4B47166D.8070401@hardwarefreak.com>
In-reply-to: <[🔎] 201001081213.14162.sjors@desjors.nl>
References: <[🔎] 201001081213.14162.sjors@desjors.nl>

Sjors van der Pluijm put forth on 1/8/2010 5:13 AM:

> 3. Is it ok to have swap and /boot on an encrypted LVM?

Never run encryption on swap.  Doing so merely burdens performance.  I doubt
even NSA, CIA, MI6 encrypt swap partitions on workstations.

I've never tried to boot from an encrypted /boot, so I really can't say if it
would work or not.  Why can't/won't you create 3 partitions?

[boot] 100MB mounted as /boot normal ext2
[swap] 1-8GB mounted as normal swap partition
[root] [remaining space] mounted as /root and encrypted however you like

--
Stan

Reply to:

Follow-Ups:
- Re: LVM+RAID+CRYPT
  - From: Sjors van der Pluijm <sjors@desjors.nl>
- Re: LVM+RAID+CRYPT
  - From: Mark Allums <mark@allums.com>
- Re: LVM+RAID+CRYPT
  - From: Γιώργος Πάλλας <gpall@ccf.auth.gr>
- Re: LVM+RAID+CRYPT
  - From: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
- Re: LVM+RAID+CRYPT
  - From: Ross Boylan <ross@biostat.ucsf.edu>

References:
- LVM+RAID+CRYPT
  - From: Sjors van der Pluijm <sjors@desjors.nl>

Prev by Date: LVM+RAID+CRYPT
Next by Date: Re: LVM+RAID+CRYPT
Previous by thread: LVM+RAID+CRYPT
Next by thread: Re: LVM+RAID+CRYPT
Index(es):
- Date
- Thread