On Fri, 24 Mar 2006, Paul W. Frields wrote:
As long as there's a clear visible option to do away with encryption on the FS, that's cool. Deciding to put important data in a possibly unretrievable state in the event of a user departure from a company or an untimely demise is not a great idea without a plan to recover it. My laptop is owned by my company, and I am sure they don't want me encrypting data on it in a manner which prevents them from accessing it should they wish to.
The key is a key infrastructure, e.g. your device is encrypted so that you can access it with two keys: your key or a master key deployed at your company (this could be device-unique or just a big master key).
I don't know if there are such things designed for LUKS tho... Linus Walleij
