Rich Freeman on 20 Apr 2015 11:08:22 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Help with encrypted SSD


On Mon, Apr 20, 2015 at 10:26 AM, Keith C. Perry
<kperry@daotechnologies.com> wrote:
>
> You still have to worry about the host's data pool but the concept is the same.  Create your logical volume (e.g. /dev/mapper/data/clients) and then setup LUKS against that device.  You can resize with LUKS as well but I haven't had to do that since I generally use encrypted containers.

What is the best practice?  LVM on LUKS or LUKS on LVM?

I guess putting LUKS on top gives you the option of having some
volumes unencrypted and others encrypted.  However, I'd think it would
be simpler to put LUKS on the bottom and it just seems like the
encryption should be closer to the physical layer.  You would also
have more flexibility around what physical volumes actually need to be
encrypted.

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug