On Mon, Jul 05, 2004 at 09:04:36PM +0200, Nils Philippsen wrote: > - with passphrase: key is generated by hashing a passphrase typed in > while booting > - key is a file on a USB stick > > The other information or configuration I was referring to is cipher > algos, key lengths, ... for certain devices which can be kept as an > ordinary configuration file beneath /etc. Providing they are not needed you can keep them there, you need the root fs info elsewhere because otherwise you need to decrypt / to decrypt /. /boot on the other hand cannot be encrypted usefully without hardware key systems because then you cannot boot off it.
