[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Musings about on-disk encryption in Fedora Core



On Mon, Jul 05, 2004 at 09:04:36PM +0200, Nils Philippsen wrote:
> - with passphrase: key is generated by hashing a passphrase typed in
> while booting
> - key is a file on a USB stick
> 
> The other information or configuration I was referring to is cipher
> algos, key lengths, ... for certain devices which can be kept as an
> ordinary configuration file beneath /etc.

Providing they are not needed you can keep them there, you need the root
fs info elsewhere because otherwise you need to decrypt / to decrypt /.

/boot on the other hand cannot be encrypted usefully without hardware
key systems because then you cannot boot off it.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]