
Re: best filesystem for logical volume ?



shawn wilson wrote:
> J. B wrote:
> > Though I'm a little confused now. As per the tutorial /boot should be
> > un-encrypted. But I got some doc on the net where /boot is also encrypted.
> > Can you please help me to solve the puzzle?
> > I'm following http://kirriwa.net/john/doc/lvm+raid1.html#step3
> 
> you can encrypt /boot as long as grub is aware of the schema iirc.
> but, this begs the question - why? do you store your web cache in
> /boot, or a db of your cc numbers, or your porn pics, or your kid's
> birthday picture? or do you care that someone might recover that you
> stored your kernel image on the second partition of the first disk?

Right.  I don't encrypt /boot.  But I do encrypt the rest.  Usually by
an encrypted lvm volume from which I allocate swap and root partitions.

> i personally don't see the need for full disk encryption. i mean, if
> you live in the US, a court order will keep you in jail or force you
> to give up the password

While the US legal system may do this, full disk encryption is still
useful against the more common criminals who have stolen your laptop.
If my laptop is lost or stolen then I have some protection by having
full disk encryption.  I can take my time changing my bank passwords
at that point.

> vs if you have smaller encrypted files that no one finds (obfuscated
> in databases of pictures of a small encrypted file or some such
> scheme) that someone might now find. or, if you surf the net in a vm
> (as you should anyway) and encrypt the vm image, your browser data
> is safe if someone steals your computer. fwiw

It is difficult to be so completely mentally disciplined that you
always know exactly what files contain sensitive data such as logins
and passwords that need to be protected and which are mundane.  It is
easier to treat all the same, all encrypted, and avoid the on the fly
decision making.  It is too easy to make mistakes otherwise.

Since the Debian installer makes setting up full disk encryption so
easy I always do that for mobile devices.

Bob
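
An added example, not part of the original message: a small audit of the layout described above (plain /boot, everything else allocated from an encrypted LVM volume). It reads `lsblk --json -o NAME,TYPE,MOUNTPOINT` output and reports any mount or swap area with no dm-crypt layer beneath it. The sample JSON, the device names and the ALLOWED_PLAINTEXT list are constructed assumptions.

```python
import json

# Constructed sample of `lsblk --json -o NAME,TYPE,MOUNTPOINT` output:
# plain /boot, a LUKS container holding an LVM VG, and a stray plain /home.
SAMPLE = """
{"blockdevices": [
  {"name": "sda", "type": "disk", "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "mountpoint": "/boot"},
    {"name": "sda2", "type": "part", "mountpoint": null, "children": [
      {"name": "sda2_crypt", "type": "crypt", "mountpoint": null, "children": [
        {"name": "vg0-root", "type": "lvm", "mountpoint": "/"},
        {"name": "vg0-swap", "type": "lvm", "mountpoint": "[SWAP]"}
      ]}
    ]},
    {"name": "sda3", "type": "part", "mountpoint": "/home"}
  ]}
]}
"""

# Assumption: only these mount points are allowed to sit on plaintext storage.
ALLOWED_PLAINTEXT = {"/boot", "/boot/efi"}


def unencrypted_mounts(lsblk_json, allowed=ALLOWED_PLAINTEXT):
    """Return sorted (mountpoint, device) pairs not backed by a dm-crypt layer."""
    findings = []

    def walk(node, under_crypt):
        # lsblk reports dm-crypt mappings with TYPE "crypt"; everything
        # stacked on top of one (LVM volumes, filesystems) inherits it.
        under_crypt = under_crypt or node.get("type") == "crypt"
        mnt = node.get("mountpoint")
        if mnt and not under_crypt and mnt not in allowed:
            findings.append((mnt, node["name"]))
        for child in node.get("children", []):
            walk(child, under_crypt)

    for dev in json.loads(lsblk_json)["blockdevices"]:
        walk(dev, False)
    return sorted(findings)


if __name__ == "__main__":
    # On a real system, pass in the output of: lsblk --json -o NAME,TYPE,MOUNTPOINT
    for mnt, name in unencrypted_mounts(SAMPLE):
        print(f"NOT ENCRYPTED: {mnt} on {name}")
```

Swap appears with the mount point `[SWAP]`, so a swap partition left outside the encrypted volume is reported as well.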
