I want to set up my notebook for use whilst travelling. I intend to have an innocuous /home/waltdnes partion on the notebook, and have the "real" $HOME (a copy of my desktop machine's $HOME) on a 128 gigabyte USB key. When I want to access it, I'll mount the USB key over /home/waltdnes. That protects against the notebook being lost/stolen. The next question is how do I guard the data on the USB key. I'm looking at using cryptsetup to encrypt the USB key. Some interesting stuff on Google... http://sleepyhead.de/howto/?href=cryptpart shows how to use cryptsetup with and without LUKS.
======================================================================== dm-crypt without LUKS # cryptsetup -y create sdc1 /dev/sdc1 # or any other partition like /dev/loop0 # dmsetup ls # check it, will display: sdc1 (254, 0) # mkfs.ext3 /dev/mapper/sdc1 # This is done only the first time! # mount -t ext3 /dev/mapper/sdc1 /mnt # umount /mnt/ # cryptsetup remove sdc1 # Detach the encrypted partition Do exactly the same (without the mkfs part!) to re-attach the partition. If the password is not correct, the mount command will fail. In this case simply remove the map sdc1 (cryptsetup remove sdc1) and create it again. ======================================================================== I did a --pretend emerge of cryptsetup, and I see that it pulls in lvm2 as a dependancy, presumably to enable the /dev/mapper/* entries. Any comments on whether I'm better off with or without LUKS? I also intend to use ext2, because I understand that a journalling fs is murder on USB keys. -- Walter Dnes <waltd...@waltdnes.org> I don't run "desktop environments"; I run useful applications