[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice on encrypted filesystem

On 2020-06-24 18:34, Roberto C. Sánchez wrote:
On Wed, Jun 24, 2020 at 09:28:38PM -0400, rhkramer@gmail.com wrote:
On my Wheezy system, I used cryptsetup to set up a LUKs  encrypted file system
on a dedicated partition (actually, two filesystems).

It was a PITA learning how to do it, and it was 6 years ago, and it looks like
I have to relearn it to do it again on Jessie and / or Buster (and on a backup
device).  (I have my "stream of consciousness" notes from when I did it back
then, but there were so many false starts / blind paths that the notes are
very confusing.)

I'm wondering if cryptsetup is still something like "state of the art" or if
there is anything more secure and simpler to learn to setup?

Assuming you are considering a new installation, which you seem to have
implied, then you should probably just try the Debian Installer.  The
support for installing to an encrypted partition has improved
considerably with each installer release.  The last time I did it with a
Buster installer it was not even necessary to consult my notes.


Running cryptsetup(8) by hand is not very hard. The challenge is deciding how to fit encryption into everything else -- passphrases, keys, boot, devices, partitioning, md RAID, LVM, file systems, ZFS, etc.. Post your requirements and people can guide you.


Reply to: