Re: Fedora 7 encrypted root partition

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2007-01-19 at 18:30 +0000, Richard Hughes wrote:
> Talking to a co-worker today, he mentioned that if Fedora could support
> [1] an encrypted root filesystem he would switch to Fedora in a
> heartbeat. We appear to be 99% of the way there with LUKS, and I'm
> pretty sure you can hack encrypted root filesystem into FC6, but it
> would be great to have a:
> 
> Encrypt partition to protect data [X]
> 
> in anaconda. Even protecting just the "home" partition would be great,
> although everything would be perfect.
> 
> What do you think?

The problem with doing this is that there really isn't any way to sanely
prompt a user in their native language and allowing for their native
keymap for a password prior to mounting the rootfs (and potentially
more).  This is an *incredibly* important thing to be able to do, but
doing so ends up requiring a good chunk of X + fonts, etc.  At which
point, you really can't have your rootfs encrypted.

As for /home, you really want to be able to encrypt things on a per-user
basis.  Not for the entirety of the block device (ie, you want it to be
tied to the user!)

ecryptfs promises to add the ability to do per filesystem tree
encryption which will allow for the flexibility that is really needed to
make encryption a viable option.

Jeremy

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux