Petersen wrote: > Ok, so no gpg-key=no access(?) I am afraid I'll lose the gpg-keys, the > human element is often the biggest threat. You won't lose the gpg encrypted key file if you put it to beginning of the partition where your encrypted data is. > What about data corruption like zip-files suffers? If ciphertext is corrupted, plaintext data is also corrupted. However, all plaintext corruption stays within the same 512 byte sector because all 512 byte sectors are decrypted independently of other sectors. > I don't always treat my server nicely, sometimes it is shut down on the > power switch. Can my encrypted disk (ext3 on top of device backed loop) > survive such treatment no worse than a regular ext3? Encrypted ext3 survival is not any worse than unencrypted ext3. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/