You are not currently logged in. If you do not have a user account then please consider creating one and logging in before you post your comment. This will allow you to track replies to your comment, and take part in the site much more freely.

To add your comment, fill in all the boxes below and then preview it to make sure you're happy with the way that it looks.

This is the comment you were replying to, attached to the article System encryption on Debian Etch:

#1 Re: System encryption on Debian Etch Posted by wuzzeb (70.225.xx.xx) on Mon 14 Aug 2006 at 22:38 For swap partition, you are better off doing something like the following in /etc/crypttab swap /dev/sda2 /dev/random swap and then in /etc/fstab /dev/mapper/swap none swap sw 0 0 This will use a random key for swap, which will be different every time you boot. This way, your swap space is just like real memory... once the system shuts down, the random key used for the swap partition is long gone, and no one (not even you) can recover any data. Because the key is completly random, a brute force of the key would also be infeasable. Also, if you are interested in using LVM, after running cryptsetup # sudo cryptsetup luksOpen /dev/hda5 root # pvcreate /dev/mapper/root # vgcreate vgroot /dev/mapper/root # lvcreate -s 10G -n root vgroot # mkfs.ext3 /dev/mapper/vgroot-root # mount /dev/mapper/vgroot-root ... # lvcreate -s 30G -n home vgroot # mkfs.ext3 /dev/mapper/vgroot-home Notice that the initrams-tools version in unstable has support for crypt and LVM (and LVM over crypt) (actually, the cryptsetup package has the support files), and should automaticly detect all your settings (if /etc/crypttab and /etc/fstab are set up correctly)

Inappropriate comments will be removed.

Username:

Password:

[ Advanced Login ]

Register Account