In article <[EMAIL PROTECTED]>,
Dale R Worley <[EMAIL PROTECTED]> wrote:
> From: Rick Kossoris <[EMAIL PROTECTED]>
>
> If you are woried about your data, most theives will
> not bother with data. They wipe the hard drive clean
> and sell it. If they want your data, a password is
> also only a minor obstacle. If they slave your drive,
> password protection will not help. Passwords are only
> useful if they are trying to break in over a network.
>
>There are encrypted filesystems available for Linux. Of course, you
>have to be careful that you haven't left copies of the password
>scattered through swap space, etc.
Not a problem if you encrypt swap as well. Even better, encrypt it with
a new randomly generated key on each boot. You do have to apply a kernel
patch to prevent encrypted swap from causing a hang though.
The only thing on my laptop's hard disk that isn't encrypted is the
partition table--and if losetup was 64-bit clean, I wouldn't need one
of those either. It boots from a floppy or CD-R which also contains the
key to decrypt the root filesystem stored on the hard disk. This key
is itself encrypted using gpg in symmetric mode. I never keep the
floppy/CD-R and the laptop in the same place except during a reboot.
Needless to say, I rarely turn the laptop completely off. This works best
if you have a reliable suspend mode with a password on BIOS resume.
