Sjors van der Pluijm wrote:
Op vrijdag 8 januari 2010 12:26:37 schreef Stan Hoeppner:
Sjors van der Pluijm put forth on 1/8/2010 5:13 AM:
3. Is it ok to have swap and /boot on an encrypted LVM?
Never run encryption on swap. Doing so merely burdens performance. I
doubt even NSA, CIA, MI6 encrypt swap partitions on workstations.
Well, I might heave read wrong, but I thought the Debian installer warned me
not to leave swap unencrypted while other partitions are encrypted. It makes
sense too: sensitive content could easily be written to swap.
i maintain a few laptops with encryption and i developed the following
habit.
/ 10GB
/home the rest + encryption
these are fairly new laptops with or more then 1GB RAM, simply not
having any /swap solves the problem and with enough RAM available i
never had any problem.
not having the / root partition encrypted leaves some room for trouble
shooting is the thought here since the sensitive information is in the
/home anyway.
not sure if this is the best way to do this but its simple and works
nicely in my experience.
Randall
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
