Archive for June 6th, 2011

June 6, 2011

Disk encryption

by Neil Rickert

[See my crypto page for links to updated and newer information]

When installing opensuse 11.4, last March (2011), I decided to go with disk encryption (really, disk partition encryption).  I have since done some experimentation with different ways of handling that.  This post is for those readers who want to try something similar and are interested in a report on how it went.

A quick warning:  as far as I know, linux does not provide a way of “encrypting on the fly”.  If you switch to an encrypted partition, you will finish up with an empty partition.  So do a good backup first, so that you can later restore the content from that backup.

Why encrypt?

Obviously, we encrypt to protect data.  In my case, the amount of sensitive data is minor, and most of it is already in encrypted files.  It consists of website passwords, software activation keys, and similar kinds of data.  I allow firefox to handle website passwords, but keep them encrypted.  For other data and for the few user-unfriendly websites that insist firefox not keep their passwords, I have them in an encrypted file.

read more »