[clug] Ubuntu encrypted file systems

Stephen Boyd bunyipr at gmail.com
Fri Aug 21 06:33:47 MDT 2009

On Fri, 2009-08-21 at 19:33 +1000, Daniel Pittman wrote:
> So, I suspect that Stephen had LVM (with no encryption) and "Home
> directory
> encryption", which is based on eCryptfs (IIRC), enabled.
I have a dm-crypt device mapper layer (encrypts all except the /boot
partition plus ecryptfs of my /home directory.

Why - I was trying things out.

Which is better?
Encrypting the whole disk is simple - everything is encrypted when the
system is shutdown. It doesn't stop other legitimate users accessing
your data. Good for a single user laptop.
Encrypting your home directory protects it against other users of the
system (if you lend laptop to someone else with a different login, they
don't have the key to your data) but it doesn't protect data
in /var, /tmp etc.


More information about the linux mailing list