Re: Advice on encrypted filesystem
On 2020-06-24 18:34, Roberto C. Sánchez wrote:
On Wed, Jun 24, 2020 at 09:28:38PM -0400, firstname.lastname@example.org wrote:
On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file system
on a dedicated partition (actually, two filesystems).
It was a PITA learning how to do it, and it was 6 years ago, and it looks like
I have to relearn it to do it again on Jessie and / or Buster (and on a backup
device). (I have my "stream of consciousness" notes from when I did it back
then, but there were so many false starts / blind paths that the notes are
I'm wondering if cryptsetup is still something like "state of the art" or if
there is anything more secure and simpler to learn to setup?
Assuming you are considering a new installation, which you seem to have
implied, then you should probably just try the Debian Installer. The
support for installing to an encrypted partition has improved
considerably with each installer release. The last time I did it with a
Buster installer it was not even necessary to consult my notes.
Running cryptsetup(8) by hand is not very hard. The challenge is
deciding how to fit encryption into everything else -- passphrases,
keys, boot, devices, partitioning, md RAID, LVM, file systems, ZFS,
etc.. Post your requirements and people can guide you.