On Wed, Jan 14, 2009 at 10:31:53 -0700, Robin Laing <Robin.Laing@xxxxxxxxxxxxxxx> wrote: > > Encryption to the level of encrypted home directories isn't being used > yet. I asked them if they had any ideas and we agree that for > incremental backups, a block diff would have to be done. Of course, > depending on the size of the partition, this could take some time. I > don't know. It's possibly too late for this, but what threat are you trying to counter by encrypting by home directores? Encrypting by partition and leaving them mounted all of the time would allow administrator access for making incremental backups. Most likely your admins are already trusted, as they could steal the passphrases needed to unlock the home directories my modifying the program that prompts for passwords or pulling keys out of memory. So encrypting home directories to prevent their access shouldn't be needed from a security perspective. There could be regulatory reasons you might have to do things that way. If you are trying to protect the users from accidentally letting other users see their stuff, there are probably other ways to do this without causing problems for making backups. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
