AboutWelcome to Free Software Daily (FSD). FSD is a hub for news and articles by and for the free and open source community. FSD is a community driven site where members of the community submit and vote for the stories that they think are important and interesting to them. Click the "About" link to read more...
"Even though the Debian installer can set up encrypted partitions, it is optimised for systems with a single data partition, unless you want to enter multiple passphrases when the system boots. The installer configures a LUKS volume using cryptsetup, but it provides no mechanism for the use of key files, only interactive passphrases.
Some people have a need for storing data securely. Sometimes this means not only redundant disks (and a good backup strategy) but also encryption. Fortunately, the Linux kernel has all the features to use multiple RAID devices, pool them to a Logical Volume, and encrypt every block of the filesystem. Just don't forget your passphrase!
The pam_mount project lets you unlock an encrypted filesystem automatically when you log in. The same password used to log in is used as the key to unlock the encrypted filesystem, so you only need to type it once.
There are times when you want certain information on your computer protected from prying eyes. One way to protect your information is to encrypt your home directory. However, that does not protect your information when you are logged on to your computer. encfs allows you to create an encrypted folder and then mount it as a user filesystem using FUSE.
This tutorial deals only with how to add an extra encrypted physical volume to a volume group pool containing other encrypted physical volumes. This is typical scenario if, at first, you have set up your encryption at a physical partition level (/dev/sdaX where X is the a number of your partition), then you setup your LVM on top of the encrypted partition.
Last week, on the new MacHaxor site, I explained how to create an encrypted disk image on a mac, but there are similar tools available for Linux. TrueCrypt allows you to make all kinds of encrypted containers, but one of the most interesting is a hidden partition.
Well, I have written so far two tutorials with LUKS/dm_crypt involved. First one was how to enable encryption on Feisty Fawn (wasn't included back then by default) and the other one was how to reboot/unlock through a remote connection.