On Fri, Mar 24, 2006 at 04:59:41PM -0500, Jeremy Katz wrote: > * Encrypting the rootfs's block device sucks as you need to be able to > get a passphrase or whatever at boot-time before you have X (... and > thus can display the proper fonts) and before you have a sane keyboard > map. Thats only one problem. A Fedora or Red Hat root device is rather predictable and most people pick the same install sets so its 99% known plaintext for an attack