[ubuntu-uk] Encrypt whole disk or just home dir?
Tyler J. Wagner
tyler at tolaris.com
Thu May 13 07:24:56 BST 2010
On Thursday 13 May 2010 01:10:44 John Stevenson wrote:
> If you have a laptop hard drive that often contains sensitve personal data
> or is used for any kind of business or holds information that needs to be
> covered under the data protection act, then it advisable to have the whole
> system encrypted in case it falls into the wrong hands.
Encrypting home dir + swap, and using a /tmp ram disk, is sufficient even for
data protection act requirements. Everything written outside those three areas
are operating system files only.
How to convert existing homes to crypto, plus swap and tmp:
http://www.tolaris.com/2009/11/14/securing-laptops-with-ecryptfs-cryptsetup-
and-tmpfs/
Tyler
--
"Never underestimate the bandwidth of a station wagon full of tapes
hurtling down the highway.
-- Andrew S. Tanenbaum
More information about the ubuntu-uk
mailing list