So when I installed Debian, I told d-i to wipe the hard disk and encrypt my lappy's hard drive. My tinfoil-hatted heart loves it. They'll never take me or my data alive.
I am curious, though, as to the exact nature of the encryption. I'd rtfm, but I don't know where to begin. I understand the encryption is AES-256, supposedly good enough to keep spooks at bay, but how exactly does it work? I chose a ridiculous 25-character random printable ASCII password that I have committed to my cerebellum and muscle memory, because I thought that AES-256 actually uses my password to encrypt the hard drive. Is this true? I also see that it uses something called LUKS, and I understand that LUKS is the way to change my encryption password. How does that work, exactly, at the mathematical level? If I change the encryption password, does the hard drive get reencrypted a different way, or what? My last question is about potential data loss. Is an encrypted hard drive more vulnerable to data loss than an unencrypted one? Suppose I have a hardware failure or something. Will the encryption make it harder to recover my data than if I weren't using encryption? That is, if a few bytes are off, can AES-256 still decrypt gracefully? Thanks, - Jordi G. H. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]