Andreas Schreier wrote: > Is AES256 or GPG-Key encrypted root partition more secure? Is there a > more secure way to encrypt the root partition than AES256? GnuPG-key encrypted means that a filesystem key (which is just a long line of random characters) is encrypted with GnuPG, possibly with more than one person's public key. Actual filesystem encryption is done exactly same as before with AES256, serpent256, or whatever. GnuPG-key just adds the benefit that multiple users can mount with their own GnuPG private key, and each user can change their own GnuPG passphrase any time they want. In corporate environment it may be useful if filesystem key is encrypted with corporate IT department public key. An employee can change his GnuPG passphrase at any time, get hit by a bus, and drop dead. Corporate IT department dudes can still use their private key to mount the partition. Regards, Jari Ruusu <jari.ruusu@pp.inet.fi> - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
