encrypted root filesystem

Bennett Todd bet at rahul.net
Mon Feb 23 13:23:18 PST 2004


2004-02-23T16:13:31 Ian Molton:
> On Mon, 23 Feb 2004 16:10:00 -0500
> Robert Connolly <cendres at videotron.ca> wrote:
> > The Encrypted-Root-Filesystem-HOWTO doesn't encrypted the partition table. 
> 
> encrypted filesystems are stupid.

Say instead that they solve a problem you don't have.

If well-implemented, there are threat models for which encrypted
filesystems are a good solution.

My favourite is laptops. If you have to enter a passphrase at bootup
time to enable access to the hard disk, and there's good strong
crypto well-implemented, then losing the laptop (or having it
stolen) can cease to be a data disclosure threat.

Encrypted filesystems surely aren't the solution to all problems, or
appropriate in all settings (but then, what is?).

But I don't think it's fair to call 'em "stupid"; say instead that
you don't have the problems they apply to.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040223/9edaec67/attachment.sig>


More information about the hlfs-dev mailing list