Earl wrote: > With WIN, I have SCRAMDISK and DRIVECRYPT and feel that my > confidential data is safe no matter what. Scramdisk (the source is free) or Drivecrypt (here, no source-code at all!) are not secure because Windoze is not secure. And you cannot encrypt the swap. > I understand that Mandrake 9.0 has crypto out-of-the-box, but what > does that really mean? That means that you can create some encrypted partitions (/home, /var, /tmp) - but there you *must* enter a passphrase at the boot -, or create some encrypted containers (or "folders") on an existing Linux partition. The container solution is more easy to use, IMHO. You create a container (personaly, I use the Michel Bouissou script to create it automatically : https://www.bouissou.net/wws/d_read/open-crypto/linux-crypto/mkcryptfs/mkcryptfs-0.5.4-1mdk.noarch.rpm ), you mount it + enter passphrase, and all datas located in this /home/.../secret are encrypted/decrypted on-the-fly. No data is written in plain text on the disk. In Mandrake 9.0, the swap is automatically encrypted when /etc/fstab contains the flag "encrypted" in the swap line like this : /dev/hda4 swap swap encrypted 0 0 -- pplf - French OpenPGP page "OpenPGP en francais" http://www.openpgp.fr.st pplf@wanadoo.fr "Microsoft solutions aren't solutions. They are problems" C.Casteyde - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
