On Mon, Dec 31, 2007 at 09:09:30PM +0000, Mike wrote: > From the other reply to your post it seems that some have got disk > encryption to work - but it can be hard work by the sound of it. I wrote an article to make it easier. Go have a look: http://www.msquared.id.au/articles/cryptroot/ Basically, full step-by-step instructions for encrypting your entire hard drive during a fresh install of Fedora 8. On Mon, Dec 31, 2007 at 01:53:34PM -0500, Mail Lists wrote: > Encrypted swap can be made to work using luks and /etc/crypttab - which > does work fine. There is a warning at boot about the swap device not > being able to be resumed - which while a true statement is > irrelevant in a cold boot setting. But it encrypted swap does at least > work and is quite straightforward to set up. (You cannot use > sleep/hibernate/freeze resume however). Check out my article above - because it encrypts the entire drive (and decrypts it before resume is done during boot), you can even hibernate/resume successfully with it. > Encrypted root has no chance yet - at a minimum it requires the > updated mkinitrd. This is true, which is why I wrote my article - it includes patches for the current version(s) of mkinitrd to address this problem. It's not a long-term solution, but it will get you going right now until encrypted root is supported in a future Fedora release. On Mon, Dec 31, 2007 at 01:11:38PM -0800, Mr.Scrooge wrote: > I am curious about this as well but i'd say if someone has access to > your harddrive then you are screwed anyway, at that point it simply > becomes a matter of time before they find a way to crack your > encryption. Probably better off focusing your attention on keeping > people out. Do both. :-) Layers upon layers of security.... I don't have information on my laptop that is worth industrial espionage to obtain, so I figure the most likely occurrence with my laptop is simple random opportunistic theft. A random thief will probably be sufficiently deterred by the encryption as not to bother. He'll only want to make money selling the hardware, anyway. If he found some useful info (credit card info, login info, etc), then maybe he'd be interested, but I don't think he'd spend the time to break the encryption for it. On Wed, Jan 02, 2008 at 01:49:32PM -0700, Robin Laing wrote: > I am about to encrypt the swap and tmp on my laptop. If you're game, try the instructions in my article - I can always do with feedback. On Thu, Jan 03, 2008 at 05:59:08PM +1030, Tim wrote: > > Are that many people really that careless with their laptops? > > You do have to wonder about that. > > Having spent a whacking great amount of money buying mine, recently, if > I were to take it somewhere I wouldn't be letting it out of my sight. > Losing *it* would concern me more than anything that might be on it. For me, I feel the other way around. The hardware can be replaced relatively easily, whereas if I suspected the data were likely to be compromised, I'd have a lot of passwords to change, people to notify, etc etc. Regards, Msquared...
