Creating a encrypted directory during the server installation

Andrew Hodgson andrew at hodgsonfamily.org
Mon Sep 22 18:40:13 UTC 2008


Mathias Gug wrote:

>On Mon, Sep 22, 2008 at 05:07:59PM +0100, Andrew Hodgson wrote:
>> 
>> I doubt I would choose this for my servers - I may add it on at a
later
>> time through a command or set of commands.
>> 

>I think that the work done by Dustin is excellent, useful and worth
>advertising as much as possible. The process to set up encrypted
>directories has been streamlined a lot thanks to his work. 

Yes; I completely understand this, and definitely believe that this
feature is a real boon to the operating system and the community.

I was merely pointing out that I doubt I would use this on any of the
machines I administer, but actually thinking about your case - a file
server, or shell access server with users having encrypted parts of
their home directories, I may be tempted to set this up if I knew what
exactly was going on, rather than to just answer a yes/no question.  I
haven't seen the technology working, so can't comment on the usability,
but when faced with any question about encryption (like I was with the
option to encrypt the LVM volume), my first thoughts are to how easy the
encryption keys are to back up and restore should anything go wrong, and
what extra steps may I need to take to get it working in a streamlined
and safe way.  I would probably hit no at the first couple of times of
installation, then possibly look at it again later.  

However, I do like the idea of a tasksel option, because I can always
run that again in the future, after doing the research, and this is
where I believe it may be possible to win more people over.

Thanks.
Andrew.




More information about the ubuntu-server mailing list