On Wed, 4 Jan 2012, Matthew Gillen wrote:
On 01/04/2012 04:23 PM, Daniel Feenberg wrote:
On Wed, 4 Jan 2012, Matthew Gillen wrote:
On 01/03/2012 05:03 PM, Tom Metro wrote:
Daniel Feenberg wrote:
The built-in Fedora encryption is no trouble to establish...
What tool do they use? Any other distributions that provide an
integrated solution?
Fedora allows you to do whole partition/volume encryption with the
installer very easily. The last time I tried Ubuntu (a couple years
ago), there was an option for "private" home directories. It would
create an encrypted volume for your home directory that was keyed to
your password. It would then get unlocked and mounted when you logged
in. Fedora does something closer to WDE.
Does this work with UEFI BIOS motherboards? Does anything?
It's sort of orthogonal to UEFI I think; the secure boot mode of UEFI really
just controls launching of the bootloader. It doesn't encrypt/decrypt
anything, it's just check-summing and then executing.
From my experience, Truecrypt and Compusec are incompatible with UEFI
BIOS, and the Winmagic (Securedoc) documentation mentions this limitation
explicitly. Those are all Windows programs, and I expect Linux could be
quite a different situation, but in the absence of any visible information
on the topic, I have no idea. Presumably there would be no interference
with non-boot partitions, but what about boot partitions? I would leave
the boot partition unencrypted, but I already signed agreements promising
FDE for the machines, not realizing that UEFI would make that difficult.
Daniel Feenberg
Am I wrong?
Matt
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss