Re: [PLUG] Help with encrypted SSD

Rich Freeman on 20 Apr 2015 11:08:22 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Help with encrypted SSD

From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Help with encrypted SSD
Date: Mon, 20 Apr 2015 14:08:18 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=8gR4Va/KwXF/ikLzhK5X1Wr8FWaMEQYtmUYRmIFIKaQ=; b=AxlAcwjD56gpTwq7DhWsyp92qrEH8bp7Nz8m8o+M1KvLomlQprelme+/EBWT2i8du5 9Ju9C6wUBskJi1gioxAoRybmLj5CkmNAhT3uJWERXGcig/DvX0adZlCX5alZxzCABWhW onFc4m9NA+1phseK8xrXtvjfJJzMcRLhCdedKpSz7yE8nH7FcWWfHCyJbXn2fPhzBqP3 ORt9G7araS3f2mB2zSQhLpEjZ3Ye4YqZfav++gwmHYY3gdGIqPaRlK6jlCbpQoTu8DxP RtQf1v4dbxUQrk37Z55YKWs7qv7z8bmnnRGXPUcHYzs4MkOSt9WnUn8SmfAU5+vHXNdo K4Og==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Mon, Apr 20, 2015 at 10:26 AM, Keith C. Perry
<kperry@daotechnologies.com> wrote:
>
> You still have to worry about the host's data pool but the concept is the same.  Create your logical volume (e.g. /dev/mapper/data/clients) and then setup LUKS against that device.  You can resize with LUKS as well but I haven't had to do that since I generally use encrypted containers.

What is the best practice?  LVM on LUKS or LUKS on LVM?

I guess putting LUKS on top gives you the option of having some
volumes unencrypted and others encrypted.  However, I'd think it would
be simpler to put LUKS on the bottom and it just seems like the
encryption should be closer to the physical layer.  You would also
have more flexibility around what physical volumes actually need to be
encrypted.

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Help with encrypted SSD
  - From: "Lee H. Marzke" <lee@marzke.net>
- Re: [PLUG] Help with encrypted SSD
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] Help with encrypted SSD
  - From: "Lee H. Marzke" <lee@marzke.net>
- Re: [PLUG] Help with encrypted SSD
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] Help with encrypted SSD
  - From: "Keith C. Perry" <kperry@daotechnologies.com>

Prev by Date: Re: [PLUG] Follow-Up: Universal Programmable Remote Control
Next by Date: [PLUG] Arch Linux presentation @ PLUG West 2015-04-20
Previous by thread: Re: [PLUG] Help with encrypted SSD
Next by thread: [PLUG] Follow-Up: Universal Programmable Remote Control
Index(es):
- Date
- Thread