On 8/13/06, John J. Foster <[EMAIL PROTECTED]> wrote:
Ok, this looks like a setup I'd be pleased with. Right now I have
/
/boot
swap
How much of a pain will it be to implement now? Or will I be better off
waiting about 6 months till I get a laptop, and then following the guide
at
http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS
This guide seems reasonable. I think the current live CD includes the
version of cryptsetup that understands LUKS though, so it shouldn't be
necessary to download that. And I prefer to randomize the disk by
encrypting with a random password before I setup the actual mapping.
If you want to get started on this before your new laptop arrives, I
suggest starting with the initramfs and encrypting swap only. You
should be able to create an initramfs that will setup the mapping and
do the swapon before your root filesystem mounts. Once you have that
working, and are comfortable with how the initramfs works, you can
move on to your root filesystem.
Cheers,
-Richard
--
gentoo-user@gentoo.org mailing list
