Quoth Andrew Sackville-West at 2009-10-13 00:34... > I've not used LVM+crypt from the installer directly, though I've > retrofitted it to my laptop. It can be a pain (kernel upgrades are > always scary, yet somehow seem to always work), but I find it worth it > for peace of mind. I know that my setup is not bulletproof, but it > will disuade most, and certainly is enough for my purposes and the > level of security my data requires. > > I'm not suggesting you wipe and restart. You can certainly retroactively use > crypt on one of your logical volumes (say, /home, perhaps) so that the > bulk of your data is secured reasonably well. Moving /tmp into tmpfs > may be wise as well. Then the only thing to worry about is swap and > possibly resume images stored there. It's all a matter of what level > of risk you're comfortable with, how valuable your data really is to > someone else, and so forth.
Thanks for your thoughts. I was going to retro-fit the encrypted partitions in the first place but had not put /boot in a separate partition. Attempts to use gparted to resize / (using Knoppix CD) were unsuccessful so I gave up and decided to do it the "proper" way. However, as the "proper" way caused me problems - including making it VERY hard to install the backports kernel I need for my wlan - I'll certainly see if I can use the original recipe I was using once I've got the system up and running again. Cheers M -- Matthew Smith Smiffytech - Technology Consulting & Web Application Development Business: http://www.smiffytech.com/ Blog/personal: http://www.smiffysplace.com/ LinkedIn: http://www.linkedin.com/in/smiffy Skype: msmiffy Twitter: @smiffy -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
