On Tue, Jun 20, 2006 at 06:40:56PM +0200, Jonas Meurer wrote: > On 19/06/2006 Andrew Pimlott wrote: > > 1. Create a marking for partitions to be encrypted with a random key, > > allowing for the positive identification above. Perhaps this should > > be part of LUKS. > > i see this more as a feature than as a bug.
agree > there may exist situations > where you don't want your device to be marked as 'contains encrypted > data'. Right, however most users would be happy to put such a mark if it increased safety. So it would be a nice option. > > 2. If I use LUKS for all encrypted filesystems, I believe it is > > possible to perform the negative identification above. That is, if > > I don't see the LUKS header, and the partition does not have an > > unencrypted volume, then it is safe to destroy. So let me promise > > that I have no non-LUKS encrypted filesystems. > > i'm not sure that i understand. you mean that all encrypted non-swap > devices should be LUKS devices? we should never expect that. I mean _if I explicitly promise so_, we should expect that. So give me some configuration directive like LuksOnly that I can set. Andrew -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]