From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
by finch.gentoo.org with esmtp (Exim 4.60)
(envelope-from <gentoo-user+bounces-131819-garchives=archives.gentoo.org@lists.gentoo.org>)
id 1RVmIJ-0000Lq-3i
for garchives@archives.gentoo.org; Wed, 30 Nov 2011 15:41:59 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 40D7921C071;
Wed, 30 Nov 2011 15:41:45 +0000 (UTC)
Received: from mail-vx0-f181.google.com (mail-vx0-f181.google.com [209.85.220.181])
by pigeon.gentoo.org (Postfix) with ESMTP id 64C1521C037
for <gentoo-user@lists.gentoo.org>; Wed, 30 Nov 2011 15:40:31 +0000 (UTC)
Received: by vcbfl17 with SMTP id fl17so540118vcb.40
for <gentoo-user@lists.gentoo.org>; Wed, 30 Nov 2011 07:40:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:content-type;
bh=KDRKJixtNBbaUJ8Sr6LvkX8vfo6yvfhSNkTUxro8W+4=;
b=stpvtr+VsABZQDhHcjqPnn/ZRxyJa2ZWz/kdi3pm1VjhDXNRvN4yadlMkBo+deHN+V
7RKxYa04EK3FZYuzEZJk+q7rfIwYdwiJEy2k/BaQp7iWB2/gSC06ldBqF6y1vtCxwGfn
+hEYwCtkHZ0cLTG7Zn5VnDqY2XyYFV39vZ6X0=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.220.84.7 with SMTP id h7mr516530vcl.26.1322667630635; Wed, 30
Nov 2011 07:40:30 -0800 (PST)
Received: by 10.52.188.104 with HTTP; Wed, 30 Nov 2011 07:40:30 -0800 (PST)
In-Reply-To: <20111130152753.176a9a08@hactar.digimed.co.uk>
References: <CAPFNKCJwCPKgW4guD_XaiMjx-Ln9AoSb1F1wPVF+dja8ru8gaQ@mail.gmail.com>
<20111130152753.176a9a08@hactar.digimed.co.uk>
Date: Wed, 30 Nov 2011 16:40:30 +0100
Message-ID: <CAPFNKCJm0BP8NA-7ULdD+D+=4br-vjuUp+cOf7EB0k2YvfzeJg@mail.gmail.com>
Subject: Re: [gentoo-user] Full disk encryption
From: czernitko <czernitko@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=0016363b7b2e47ab3204b2f58e75
X-Archives-Salt: 7fd9a14f-6bbf-494e-9f55-5bde3be00037
X-Archives-Hash: 5d8d2225f1b42a2b44607d35ef6436d8
--0016363b7b2e47ab3204b2f58e75
Content-Type: text/plain; charset=ISO-8859-1
Hello, thanks for your response, Neil!
As for dmcrypt usage, what do you think about truecrypt or pgp whole disk
encryption as alternatives to dmcrypt?
I would like to have only one partition with all home directories on it,
and I would like to avoid usage of initrd as I don't use it now and I would
like to keep it that way if possible.
Peter
2011/11/30 Neil Bothwick <neil@digimed.co.uk>
> On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote:
>
> > I would like to set up an encrypted partition for my /home directories
> > on Gentoo Hardened. Which approach do you recommend?
>
> Do you want a single encrypted filesystem, or separately encrypted home
> directories for each user. for the former, emerge cryptsetup, use it to
> create the encrypted block device and set it up in /etc/conf.d/dmcrypt.
>
> For individually encrypted home directories, using ecryptfs on top of a
> standard filesystem, as used by Ubuntu, is probably the best way.
>
>
> --
> Neil Bothwick
>
> "You want us to do WHAT?" - Ancient Chinese wall engineer.
>
--0016363b7b2e47ab3204b2f58e75
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Hello, thanks for your response, Neil! <br>As for dmcrypt usage, what do yo=
u think about truecrypt or pgp whole disk encryption as alternatives to dmc=
rypt?<br>I would like to have only one partition with all home directories =
on it, and I would like to avoid usage of initrd as I don't use it now =
and I would like to keep it that way if possible.<br>
<br>Peter<br><br><br><div class=3D"gmail_quote">2011/11/30 Neil Bothwick <s=
pan dir=3D"ltr"><<a href=3D"mailto:neil@digimed.co.uk">neil@digimed.co.u=
k</a>></span><br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0=
.8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class=3D"im">On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote:<br>
<br>
> I would like to set up an encrypted partition for my /home directories=
<br>
> on Gentoo Hardened. Which approach do you recommend?<br>
<br>
</div>Do you want a single encrypted filesystem, or separately encrypted ho=
me<br>
directories for each user. for the former, emerge cryptsetup, use it to<br>
create the encrypted block device and set it up in /etc/conf.d/dmcrypt.<br>
<br>
For individually encrypted home directories, using ecryptfs on top of a<br>
standard filesystem, as used by Ubuntu, is probably the best way.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
--<br>
Neil Bothwick<br>
<br>
"You want us to do WHAT?" - Ancient Chinese wall engineer.<br>
</font></span></blockquote></div><br>
--0016363b7b2e47ab3204b2f58e75--