Mike Cloaked wrote: > > Mike Cloaked wrote: > >> If someone could boot the machine into single user mode then they could >> get in b ut only if they have the luks passphrase. So doing a fully >> encrypted install is pretty safe in the event the laptop got into the >> wrong hands. I am not even sure any of the tools currently available would >> be able to compromise a machine installed that way but no doubt other >> security experts will comment on that. >> >> >> > > By the way if your root partition was not encrypted then someone with > physical access to your machine could boot into single user mode and get > root access - hence encrypting the root partition is probably the only way > to avoid that - unless someone knows a different way in? > > The encryption feature is wonderful, I encrypt every partition on my Fedora 10 laptop. That keeps private things private: someone will have to learn the passphrase if they want to see the actual data. Suppose you are keeping critical information on an encrypted drive and you are living with a significant other who is financially dependent on you. Be sure that person knows the passphrase (or has access to it) and has training in how to log in to Fedora (or has access to documentation for doing so.) Leave a list of critical files the other party should know about. This is to ensure that if you die your loved one can get access to needed information. Bob Cochran -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
