[clug] Ubuntu encrypted file systems
david at tulloh.id.au
Fri Aug 21 06:21:40 MDT 2009
Ian McLeod wrote:
> Hibernate is pretty important to work - this is a big reason to have a
> netbook in the first place. What if only /home is encrypted - that at
> least offers some protection against casual theft or loss - and if
> someone is that keen to scan var and swap then maybe just let them -
> they clearly have too much spare time. So it's a case of what's 'good
> enough' - although ideally I would prefer total security but not to
> the point where the system is unusuable.
> Performance would be an issue although a netbook really is only for
> net use and basic work - and GPS in my case too.
> I am leaning toward wiping the install and using the Ubuntu 'alternate
> install' method to set up encryption from install.
> Anyone else done this on a netbook or laptop? Any advice? Is it
> possible to retain a working hibernate?
I run my laptop with a fully encrypted LVM setup.
I'm a Debian user, installation was as simple as selecting the encrypted
LVM option during the partition setup. This gave me an encrypted LVM
with all the partitions within this, I chose to have this include the
There were no encryption related problems. Hibernate worked fine, you
are prompted to enter the passphrase on boot then the system checks for
the frozen image. I didn't have to do anything special at any time due
to having an encryption based system.
My security desire was that all my information be protected in case the
laptop walked. Of particular concern was SSH pass phrases and passwords
as that could lead to damage on my other systems. If you have similar
concerns I think you have to go the full hog and encrypt everything
including /etc and swap. My laptop is very low powered and I felt that
performance was affected, any swapping will be slower and CPU usage will
be higher with IO access, if you have a fairly modern CPU you won't be
CPU bound and will probably never notice it. I was happy to trade off
the performance for security.
More information about the linux