Re: [gentoo-user] Encrypting a hard drive's data. Best method.

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: Dale <rdalek1967@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Encrypting a hard drive's data. Best method.
Date: Sat, 6 Jun 2020 20:54:23 -0500	[thread overview]
Message-ID: <df6775c4-744a-e49a-2e12-5f33efc21526@gmail.com> (raw)
In-Reply-To: <CADiAjt3EYE3-qK7VOdfD0byK+sJDbPq1_S0-8Nv5rXP0-quS-w@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1862 bytes --]

Sebastiaan L. Zoutendijk wrote:
> Dear Dale,
>
>     On Friday 5 June 2020, 11.37pm -0500, Dale wrote:
>
>> Is this a secure method or is there a more secure way?  Is there any
>> known issues with using this?  Anyone here use this method?  Keep in
>> mind, LVM.  BTFRS, SP?, may come later.
>     Another thing to keep in mind: if you only encrypt your /home, it is
> possible  that some data leak out of the encrypted volume. For  example,
> if  you  use swap, then the decrypted contents of /home residing in  RAM
> can  be  swapped out. If you want to protect yourself against that,  you
> will need to encrypt the swap volume as well. The same could happen with
> temporary files, so /tmp and /var/tmp might also need special treatment.
> Aside from encrypting, tmpfs is another possibility here.
>     This  problem is similar, but slightly different, to that  described
> by  J.  Roeleveld.  Here I am talking about the contents of  your  files
> leaking, instead of the LUKS keys.
>     If  you  are going to encrypt multiple filesystems, you  can  either
> make  separate  LUKS  volumes for each of them (each LUKS  volume  being
> inside  a  partition or LVM volume, for example), or you can create  one
> LUKS volume with several LVM volumes inside.
>
>                                                               Sincerely,
>
>                                                                  Bas
>
>
> --
> Sebastiaan L. Zoutendijk | slzoutendijk@gmail.com
>
>


That's something to think on.  Right now, I'm going sorta simple and
data that if I forget the password, I still got copies of.  No big
loss.  Later on tho, that info could come in handy.  I know a guy that
has his locked down tight.  I suspect everything is password protected. 
He was in China for a bit and it was sort of a requirement. 

Off to youtube.

Dale

:-)  :-) 

[-- Attachment #2: Type: text/html, Size: 2440 bytes --]

next prev parent reply	other threads:[~2020-06-07  1:54 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-06  4:37 [gentoo-user] Encrypting a hard drive's data. Best method Dale
2020-06-06  7:14 ` J. Roeleveld
2020-06-06  7:16 ` J. Roeleveld
2020-06-06  7:49   ` Dale
2020-06-06 10:32     ` Michael
2020-06-06 14:14       ` antlists
2020-06-06 11:05     ` Rich Freeman
2020-06-06 13:31       ` Victor Ivanov
2020-06-06 13:57     ` antlists
2020-06-06 14:10       ` Rich Freeman
2020-06-06 15:05         ` Jack
2020-06-06 14:18       ` antlists
2020-06-06 15:07       ` Dale
2020-06-06 19:02         ` J. Roeleveld
2020-06-06 14:07 ` Victor Ivanov
2020-06-06 18:51   ` Rich Freeman
2020-06-06 19:38     ` Victor Ivanov
2020-06-06 20:12       ` Rich Freeman
2020-06-07  0:47         ` Victor Ivanov
2020-06-07  1:04           ` Rich Freeman
2020-06-07  1:50             ` Dale
2020-06-07  8:08               ` Dale
2020-06-07  9:07                 ` antlists
2020-06-07 18:23                   ` antlists
2020-06-09 20:24                     ` Dale
2020-06-09 21:30                       ` [gentoo-user] Encrypting a hard drive's data. Best method. PICS attached Dale
2020-06-07 10:33                 ` [gentoo-user] Encrypting a hard drive's data. Best method Rich Freeman
2020-06-07 11:52                 ` Victor Ivanov
2020-06-07 12:43                   ` Victor Ivanov
2020-06-07  7:37         ` antlists
2020-06-06 15:07 ` Frank Steinmetzger
2020-06-06 20:21 ` Sebastiaan L. Zoutendijk
2020-06-07  1:54   ` Dale [this message]
2020-06-10  6:59 ` Dale
2020-06-10  9:52   ` Michael
2020-06-10 21:02     ` Dale
2020-06-10 13:37   ` Victor Ivanov
2020-06-10 20:52     ` Dale
2020-06-11 21:51       ` Victor Ivanov
2020-06-11 22:17         ` Dale
2020-06-11 23:08           ` Victor Ivanov
2020-06-12  2:00             ` Dale

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=df6775c4-744a-e49a-2e12-5f33efc21526@gmail.com \
    --to=rdalek1967@gmail.com \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox