You are not logged in.

Pages: 1

#1 2016-10-14 23:06:12

zaphiel
Member
Registered: 2016-09-23
Posts: 13

Doubt with best encryption method for me

Hello!.

I'm new with encryption disk and installing Archlinux.

I wanna change my Debian for encrypted Archlinux, i have 1 ssd as second disk(sdb), and 1 hdd as first disk(sda), and i will do partition at the next way:

sdb(ssd):
   - /boot (ext4 )
   - /root (ext4)
   - /home (ext4)
     will be 1 logic volume

sda(hdd):
    -/media/hdd (ext4 or ntfs, just for warehouse)
      will be another logic volume


I'm reading the encryption guide on Archlinux's wiki, and i have a doubt, ¿which is the best option for me?, I will create 2 logic volume in 2 disk.

With lvm over luks i need 1 passphrase and no use usb.
With luks over lvm i use some passphrase and need usb, is correct?

But, i want to create 2 logic volume, so i don't know which method is better for this.

Thanks.

Offline

#2 2016-10-14 23:24:53

frostschutz
Member
Registered: 2013-11-15
Posts: 1,418

Re: Doubt with best encryption method for me

It's not related to USB at all...

And if you want both sda and sdb encrypted, you will have two LUKS containers, two passphrases. Of course you could put a keyfile on /root to automatically unlock the other disk with so you still only need to type one passphrase, but that's up to you (typing two passphrases is not THAT bad).

I prefer LVM on top of LUKS, but that's just a matter of taste. With LVM on LUKS, all of LVM will be encrypted; with LUKS on LVM, you could choose to have some unencrypted LVs, for those files you want to leave to your family when crazy chainsaw clown kills you tomorrow.

Offline

#3 2016-10-15 06:00:24

NoSuck
Member
Registered: 2015-03-04
Posts: 157
Website

Re: Doubt with best encryption method for me

frostschutz wrote:

... for those files you want to leave to your family when crazy chainsaw clown kills you tomorrow.

Believe it or not, this has been on my mind lately.  I've been tinkering with the idea of splitting a passphrase into pieces and entrusting each piece to a sage.

Pure ALSA Loopback

Offline

#4 2016-10-15 08:22:06

zaphiel
Member
Registered: 2016-09-23
Posts: 13

Re: Doubt with best encryption method for me

In that case, i will try encrypt both disk with lvm over luks. The /root partition i have read that is possible to encrypt too, but maybe it cause any issue, have you installed arch with any encrypted disk?.

Thanks a lot.

Offline

Pages: 1

Board footer

Powered by FluxBB