On 02/18/2011 06:53 PM, Eric Bauman wrote: >>> I typically randomise my block device before creating a LUKS container >>> on it. Option 2 would seem to reduce the effectiveness of this because >>> LVM will give clues to where real data might be. The information where the partition (LVs) start is something that should not cause security problems. For LUKS over LVM you will see LVM metadata in plain form, for LVM over LUKS you will see only LVM PV data offset (LVM metadata are encrypted). Both methods are used, both works. Depends on you preference. I had some pictures how the disk layout looks like for both cases http://mbroz.fedorapeople.org/talks/LinuxAlt2008-eng/ (the slides are not perfect though:-) Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
