From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-131819-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RVmIJ-0000Lq-3i
	for garchives@archives.gentoo.org; Wed, 30 Nov 2011 15:41:59 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 40D7921C071;
	Wed, 30 Nov 2011 15:41:45 +0000 (UTC)
Received: from mail-vx0-f181.google.com (mail-vx0-f181.google.com [209.85.220.181])
	by pigeon.gentoo.org (Postfix) with ESMTP id 64C1521C037
	for <gentoo-user@lists.gentoo.org>; Wed, 30 Nov 2011 15:40:31 +0000 (UTC)
Received: by vcbfl17 with SMTP id fl17so540118vcb.40
        for <gentoo-user@lists.gentoo.org>; Wed, 30 Nov 2011 07:40:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=KDRKJixtNBbaUJ8Sr6LvkX8vfo6yvfhSNkTUxro8W+4=;
        b=stpvtr+VsABZQDhHcjqPnn/ZRxyJa2ZWz/kdi3pm1VjhDXNRvN4yadlMkBo+deHN+V
         7RKxYa04EK3FZYuzEZJk+q7rfIwYdwiJEy2k/BaQp7iWB2/gSC06ldBqF6y1vtCxwGfn
         +hEYwCtkHZ0cLTG7Zn5VnDqY2XyYFV39vZ6X0=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.220.84.7 with SMTP id h7mr516530vcl.26.1322667630635; Wed, 30
 Nov 2011 07:40:30 -0800 (PST)
Received: by 10.52.188.104 with HTTP; Wed, 30 Nov 2011 07:40:30 -0800 (PST)
In-Reply-To: <20111130152753.176a9a08@hactar.digimed.co.uk>
References: <CAPFNKCJwCPKgW4guD_XaiMjx-Ln9AoSb1F1wPVF+dja8ru8gaQ@mail.gmail.com>
	<20111130152753.176a9a08@hactar.digimed.co.uk>
Date: Wed, 30 Nov 2011 16:40:30 +0100
Message-ID: <CAPFNKCJm0BP8NA-7ULdD+D+=4br-vjuUp+cOf7EB0k2YvfzeJg@mail.gmail.com>
Subject: Re: [gentoo-user] Full disk encryption
From: czernitko <czernitko@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=0016363b7b2e47ab3204b2f58e75
X-Archives-Salt: 7fd9a14f-6bbf-494e-9f55-5bde3be00037
X-Archives-Hash: 5d8d2225f1b42a2b44607d35ef6436d8

--0016363b7b2e47ab3204b2f58e75
Content-Type: text/plain; charset=ISO-8859-1

Hello, thanks for your response, Neil!
As for dmcrypt usage, what do you think about truecrypt or pgp whole disk
encryption as alternatives to dmcrypt?
I would like to have only one partition with all home directories on it,
and I would like to avoid usage of initrd as I don't use it now and I would
like to keep it that way if possible.

Peter


2011/11/30 Neil Bothwick <neil@digimed.co.uk>

> On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote:
>
> > I would like to set up an encrypted partition for my /home directories
> > on Gentoo Hardened. Which approach do you recommend?
>
> Do you want a single encrypted filesystem, or separately encrypted home
> directories for each user. for the former, emerge cryptsetup, use it to
> create the encrypted block device and set it up in /etc/conf.d/dmcrypt.
>
> For individually encrypted home directories, using ecryptfs on top of a
> standard filesystem, as used by Ubuntu, is probably the best way.
>
>
> --
> Neil Bothwick
>
> "You want us to do WHAT?" - Ancient Chinese wall engineer.
>

--0016363b7b2e47ab3204b2f58e75
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hello, thanks for your response, Neil! <br>As for dmcrypt usage, what do yo=
u think about truecrypt or pgp whole disk encryption as alternatives to dmc=
rypt?<br>I would like to have only one partition with all home directories =
on it, and I would like to avoid usage of initrd as I don&#39;t use it now =
and I would like to keep it that way if possible.<br>
<br>Peter<br><br><br><div class=3D"gmail_quote">2011/11/30 Neil Bothwick <s=
pan dir=3D"ltr">&lt;<a href=3D"mailto:neil@digimed.co.uk">neil@digimed.co.u=
k</a>&gt;</span><br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0=
 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class=3D"im">On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote:<br>
<br>
&gt; I would like to set up an encrypted partition for my /home directories=
<br>
&gt; on Gentoo Hardened. Which approach do you recommend?<br>
<br>
</div>Do you want a single encrypted filesystem, or separately encrypted ho=
me<br>
directories for each user. for the former, emerge cryptsetup, use it to<br>
create the encrypted block device and set it up in /etc/conf.d/dmcrypt.<br>
<br>
For individually encrypted home directories, using ecryptfs on top of a<br>
standard filesystem, as used by Ubuntu, is probably the best way.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
--<br>
Neil Bothwick<br>
<br>
&quot;You want us to do WHAT?&quot; - Ancient Chinese wall engineer.<br>
</font></span></blockquote></div><br>

--0016363b7b2e47ab3204b2f58e75--