disk encryption for Ubuntu 20 LTS
Liam Proven
lproven at gmail.com
Fri May 21 10:39:11 UTC 2021
On Fri, 21 May 2021 at 05:20, Eric Demer via ubuntu-users
<ubuntu-users at lists.ubuntu.com> wrote:
>
> I am now trying to set up encryption for it.
Suggestions:
[1] Don't. IMHO it's a massive pain in the backside and it reduces
performance. I am a 30Y Unix veteran and 25Y on Linux. It took me 3
days to get full-disk encryption working well and I'll never do it
again.
[2] If you are determined not to listen to point #1, then install
VirtualBox and get thoroughly used to installing Ubuntu on virtual
machines before you try on a real computer.
First, install it with defaults.
Second, nuke it, reinstall with a separate /home partition. Get used
to doing this. Install 18.04 and upgrade it to 20.04. Get familiar
with this stuff. Learn about disk sizes and what you'll need.
Third, reinstall with LVM and a separate home partition. And again
with separate /boot, /, /home and swap.
[3] If you *must* use encryption, consider just having /home encrypted
and leave / and swap unencrypted. This minimizes the performance
impact, makes installation and troubleshooting easier, and most
importantly, makes data recovery in the event of a disaster *much*
easier.
[4] Make very sure you have a *very* good, solid, *TESTED* backup AND
RECOVERY plan in place. You want to have a minimum of THREE (3)
offline backups on different media at all times. If you use crypto
without good backups, you are 100% going to lose all your data at some
point.
I know a lot of the Linux nerds love encryption, but in my expert
professional opinion it's a huge waste of time, effort and
performance.
This is why:
https://xkcd.com/538/
--
Liam Proven – Profile: https://about.me/liamproven
Email: lproven at cix.co.uk – gMail/gTalk/gHangouts: lproven at gmail.com
Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven
UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053
More information about the ubuntu-users
mailing list