LeRoy on 9 Jan 2011 08:29:42 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux n00b question

Hash: SHA1

On 01/09/2011 07:22 AM, Art Alexion wrote:

> I got burnt with /home encryption, and am reluctant to use it again.
> Of course, it was my fault, but it was an easy mistake to make.
> Ubuntu makes setting this up and using it pretty easy and transparent
> to the user, and that was the problem. That is, it was so transparent
> that I forgot it was encrypted when I did a fresh install of the OS
> and did nothing to preserve the keys in the process.
> Again, it was my fault, but it was one of those rare "too easy"
> situations.

That is one of the reasons you want to not only backup /home, but I
backup every night /boot, /etc, /home, and even /var/log.  /home is
encrypted and if I need to do a fresh install I still have my old
/etc/fstab so I can remount the /home partition.

/dev/mapper/sda11_crypt  /home       ext3    defaults          0       2

Backing up /etc has saved me from multiple headaches.

On systems with either PostgreSQL or MySQL I create a symlink from
/var/lib/postgresql -> /home/postgresql

This automatically causes the database to be encrypted and I do not have
to worry about the system configuration.

Encrypted partitions are especially vital on your laptops especially if
you have any sensitive data on them like password files for all of your
online accounts.  As a Linux users we all know how easily laptops are
stolen and encrypted partitions are our first line of defense.
- -- 
 Rev. LeRoy D. Cressy  mailto:leroy@lrcressy.com   /\_/\
                       http://lrcressy.com        ( o.o )
                       Phone:  215-535-4037        > ^ <
		       Cell:   267-307-3527

gpg fingerprint:  62DE 6CAB CEE1 B1B3 359A  81D8 3FEF E6DA 8501 AFEA

For info on enigmail:    http://lrcressy.com/linux/mozilla.pdf
For info on gpg:         http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug