2009/2/4 Erez D <erez0...@gmail.com>: > > when a hard drive dies and it is under warrenty, we need give the old one > when we want it replaced. > usuallyon the hard drive we have some personal things - pictures, documents, > or confidential data if it belonged to a company etc... > assuming the data is backed up (backing-up is an issue for another thread), > we are left with the possibility of someone retriving data from the damaged > drive. > and when the drive is damaged, we can't even access it to erase that info > before replacing it with a new one. > > so i though of a solution - use a crypto FS. > but there are many problems with it. > the practical problems are at least: > 1. i do not know of a major linux distibution (i.e. redhat/ubuntu etc... ) > that fully support crypto-fs out of the box, so if i use it, i will need to > do manual changes every time i upgrade the system. > 2. it is not really secured if the key is stored on disk. however if the key > is not stored on disk, then the computer can not acces the data without > human intervention, which is not good either when it comes to servers.
The solution is thus to have two partitions. One with the OS stuff and configuration, and one which is encrypted and contains your personal data. I guess that the configuration may still reveal some secrets (like which hosts are important enough to be in /etc/hosts), but it's better than nothing... -- Orr Dunkelman, orr.dunkel...@gmail.com "a scientific man ought to have no wishes, no affections, -- a mere heart of stone" - Charles Darwin. GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA (This key will never sign Emails, only other PGP keys. The key corresponds to o...@vipe.technion.ac.il) _______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
