disk encryption issues on hardy

Tom Hummel xiongfeng.tom at googlemail.com
Sun Mar 9 09:07:17 UTC 2008

Hello list,

I checked a few things on the upcoming ubuntu release and found some 
rather old inconveniences still to be persisting.

Disk encryption still does not seem to be possible with the default 
GUI installation. Sadly ubuntu is locking out many users from 
actually taking advantage of this great feature.

The kernel module for mmc devices does not exist with the 
alternative install CD, discouraging me to use external storage in 
order to have /everything/ encrypted.

I realize most people see that dm-crypt without LUKS is simply not 
enough for disk encryption purpose. I'm sure you all know these 
major drawbacks it imposes on the users. Cryptsetup with LUKS is 
simply a must in this area. I believe noone can expect the users, 
ubuntu attracts, not having keyfiles or to be unable to change their 
passphrase without copying all the content of their partitions.

For example, NetBSD cgd is /very/ good at this but like ubuntu 
there's no really /simple/ way to use it inside an installer -- 
leaving it pointless for some sort of users. Ubuntu should really do 
better in this area.


More information about the Ubuntu-devel-discuss mailing list