I'm concerned about the security of my data (obviously or I wouldn't be here), but I don't understand what happens to keys when I close the volume. I am using Ubuntu with cryptsetup. I use the command "sudo cryptsetup luksOpen /BLOCK/DEVICE encrypt && sudo mount /dev/mapper/encrypt /mount/location". I'm not really sure what these commands do, but more specifically what the closing command: "sudo umount /mount/location && sudo cryptsetup lukClose /dev/mapper/encrypt". I believe that luksOpen just decrypts a header that has the actual random encryption key and volume info. It then creates a new device that basically tells the system that decryption is needed before anything can be read/written. That all seems very straight foreward, but what happens when it closes? Does it do more than delete /dev/mapper/encrypt? I would hope that it writes over the key in memory. Is that right? If not, is there some way to make sure that the key is wiped? Thanks, Justin Brown justin.brown1.1@xxxxxxxxx --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
