Ok, it seems I'll stick with dmcrypt using http://en.gentoo-wiki.com/wiki/DM-Crypt. Thanks for your responses guys! Peter
2011/11/30 Felix Kuperjans <fe...@desaster-games.com> > Hello Peter, > > dmcrypt works perfectly without initrd as long as you do not encrypt the > root filesystem. > > So for encrypted home directories, you can just create and use a LUKS > volume with dmcrypt (AFAIK the fastest and easy-to-use way). > > Regarding other techniques like gpg or truecrypt, you should keep in mind, > that dmcrypt works directly in the kernelspace, so it may be a lot faster > with the same encryption strength (but it don't know any benchmark about > that). > > Regards, > Felix . > > Am 30.11.2011 16:40, schrieb czernitko: > > Hello, thanks for your response, Neil! > As for dmcrypt usage, what do you think about truecrypt or pgp whole disk > encryption as alternatives to dmcrypt? > I would like to have only one partition with all home directories on it, > and I would like to avoid usage of initrd as I don't use it now and I would > like to keep it that way if possible. > > Peter > > > 2011/11/30 Neil Bothwick <n...@digimed.co.uk> > >> On Wed, 30 Nov 2011 16:19:18 +0100, czernitko wrote: >> >> > I would like to set up an encrypted partition for my /home directories >> > on Gentoo Hardened. Which approach do you recommend? >> >> Do you want a single encrypted filesystem, or separately encrypted home >> directories for each user. for the former, emerge cryptsetup, use it to >> create the encrypted block device and set it up in /etc/conf.d/dmcrypt. >> >> For individually encrypted home directories, using ecryptfs on top of a >> standard filesystem, as used by Ubuntu, is probably the best way. >> >> >> -- >> Neil Bothwick >> >> "You want us to do WHAT?" - Ancient Chinese wall engineer. >> > >
