On Sat, 2008-09-27 at 11:06 -0700, Wolfgang S. Rupprecht wrote:
> Short answer: It'll make it very hard for people with
physical access to
> boot your computer and read personal files (possibly containing
> passwords or other sensitive information).
True, but that will also make it hard for the laptop to call home for
help if it gets stolen. Just something to think about.
After fretting about this for a while, I decided it was more important
for the laptop to boot than for it to have everything encrypted. I
want my laptop to boot and contact my server so that I can see which
IP address it has popped up at. I'm sure the detectives at my local
police station would be interested too. They don't often get to catch
thieves red-handed like that. Most thefts around here go unsolved.
I was too disorganized when I installed F9 to break /home out into a
separate filesystem. If I had done that I could have encrypted /home
yet left the root FS intact. Come to think of it, I do have
everything under LVM, so I suppose I could still break out /home and
encrypt the user stuff.
-wolfgang
--
Wolfgang S. Rupprecht
http://www.full-steam.org/ (ipv6-only)
You may need to config 6to4 to see the above pages.
That is an interesting thought. I like the idea of letting my laptop
contact my server. However, I wonder how it will work out in a real life
situation. How many thieves would be comfortable with using Linux and
network manager to connect to a network? Besides, they would still need
to have a user account on the laptop. Eventually the thief could
succeed, but I doubt whether he/she will go through all the trouble.
I think it is wise to encrypt more than just your home partition.
Swap-, /etc and /tmp partitions will probably contain some personal
information as well.
Jeroen