-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/08/07 13:18, Peter Kay wrote: > On Dec 8, 2007 12:45 PM, Ron Johnson <[EMAIL PROTECTED]> wrote: >>> [ I want to encrypt laptop, with key on USB drive] >>> Is there a different FAQ I should be using? >>> >>> Thanks all, and I hope to soon join you in debian-land. >> http://luks.endorphin.org/ >> >> Install cryptsetup and read /usr/share/doc/cryptsetup/CryptoRoot.HowTo. > > Thanks, I'll check that out. > >> Slightly OT, but do you *really* need /boot, /usr, /bin, etc, to be >> encrypted? >> >> ISTM that only /home, /tmp & swap files/partitions (and /var?) need >> be partitioned. That way, you could still boot the machine and do >> maintenance if you misplaced your dongle. > > Of course, if I lose all copies of the dongle, being able to do maintenance > isn't terribly useful... Besides, the truly paranoid understand that someone > could slip a keylogger into /usr/bin/perl! Ideally,
If They have physical access to the machine, then They can install a physical keylogger. - -- Ron Johnson, Jr. Jefferson LA USA "Your mistletoe is no match for my TOW missile." Santa-bot -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHWu+yS9HxQb37XmcRAsThAKCiQiE0MTw5FI3Fg1tm/fOZ2sXKOwCZARun gaQHMEk5iUAQhqFO164/Em8= =HKfp -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
