Op vrijdag 8 januari 2010 12:26:37 schreef Stan Hoeppner:
> Sjors van der Pluijm put forth on 1/8/2010 5:13 AM:
> > 3. Is it ok to have swap and /boot on an encrypted LVM?
> Never run encryption on swap. Doing so merely burdens performance. I
> doubt even NSA, CIA, MI6 encrypt swap partitions on workstations.
Well, I might heave read wrong, but I thought the Debian installer warned me
not to leave swap unencrypted while other partitions are encrypted. It makes
sense too: sensitive content could easily be written to swap.
> I've never tried to boot from an encrypted /boot, so I really can't say if
> it would work or not. Why can't/won't you create 3 partitions?
> [boot] 100MB mounted as /boot normal ext2
> [swap] 1-8GB mounted as normal swap partition
> [root] [remaining space] mounted as /root and encrypted however you like
Just found out that /boot should not be in LVM because bootloaders might not
understand it. /boot unencrypted does not seem to be the end of the world.
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org