On Monday 02 July 2007 11:35, Anders Breindahl <[EMAIL PROTECTED]> wrote: > In servers, you might want to trust physical security, since > whole-system encryption incurs a performance degradation. (However, on a > reasonably recent system, you still will be bottlenecked by Fast > Ethernet at 100Mb/s).
Where "reasonably fast" means faster than a 3GHz P4. A 3GHz P4 system I was working on recently appeared to be limited to 4MB/s, if it wasn't for the fact that the machine is about to be decommissioned then I would probably investigate this further as the performance is lower than expected. > However, if you should choose to encrypt only, say /home, you'd need to > make sure that data won't ``sieve'' onto the unencrypted parts of the > system, such as /tmp or swap space. True. But the advantage to encrypting only some partitions is that you can get better performance for non-secret data. -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
