disk encryption issues on hardy
xiongfeng.tom at googlemail.com
Sun Mar 9 09:07:17 UTC 2008
I checked a few things on the upcoming ubuntu release and found some
rather old inconveniences still to be persisting.
Disk encryption still does not seem to be possible with the default
GUI installation. Sadly ubuntu is locking out many users from
actually taking advantage of this great feature.
The kernel module for mmc devices does not exist with the
alternative install CD, discouraging me to use external storage in
order to have /everything/ encrypted.
I realize most people see that dm-crypt without LUKS is simply not
enough for disk encryption purpose. I'm sure you all know these
major drawbacks it imposes on the users. Cryptsetup with LUKS is
simply a must in this area. I believe noone can expect the users,
ubuntu attracts, not having keyfiles or to be unable to change their
passphrase without copying all the content of their partitions.
For example, NetBSD cgd is /very/ good at this but like ubuntu
there's no really /simple/ way to use it inside an installer --
leaving it pointless for some sort of users. Ubuntu should really do
better in this area.
More information about the Ubuntu-devel-discuss