Forgot about swap. I would maybe avoid using a file swap all together and use tmpfs or a standard ramdisk for your swap. I have heard that turning off swap all together isn't the best solution so using a tmpfs or ramdisk basically eliminates on disk swap files, but still makes the system believe it is there. This is because applications will still prefer to swap vs freeing system cache. So I would buy more ram and go that route, unless you already have enough ram.
On Mon, Dec 8, 2008 at 9:36 PM, Jeff Lasman <[email protected]> wrote: > On Monday 08 December 2008 06:18 pm, Peter Manis wrote: > > > TrueCrypt and using fuse with encfs would store it as encrypted > > files. TrueCrypt would be a container that would hold files and it > > would need to be unlocked before accessing. encfs would require > > mounting of a directory which would be viewed as a file system. So > > basically if you were to look at the directory it would appear all > > gibberish, encrypted file names and the contents would be encrypted, > > but mounted it would show up as normal file names and decrypted > > files. > > Sounds like what I've used in the past, but it sounds a bit complex. > Maybe I'll go the encrypted partition route; I'm presuming I can only > encrypt the partions I want to encrypt. > > > As for the ubuntu method, you would need to enable encyption on each > > partition, if you do separate tmp partitions that are nonexec and all > > that then you would need to set that up. In the past I have always > > just created one partition on the machines I was enabling encryption > > on so tmp would be covered in that setup. > > I generally do that on my desktop (well, one plus swap), but in this > case I don't need or want to encrypt everything with the same password; > sometimes I have others using my machine; I do NOT want that person to > have access to Credit Card information, for example. > > (The new rules on credit card security would be draconian if they didn't > seem so necesary these days; as part of our "plan" we have to prove we > only allow access to credit card information on an as-needed basis.) > > You didn't mention anything about swap. Will ubuntu automatically use a > swap file, or allow me to set one up, if I don't make a separate swap > partition? > > > You would of course have to enter a password for all of this, unless > > there is key based methods, which would in many ways defeat the > > purpose of protecting someone from gaining access to the files. > > I suppose we could keep a key on a separate thumb drive (for example) > but I already have a good password system in place; I can keep using > it, and I know how to keep certain passwords in my head (with one copy > in escrow with our corp attorney. Dang, those new Credit Card rules > are becoming complex. > > Thanks! > > And by the way, this is what we've used in the past: > > http://www.jetico.com/ > > Jeff > -- > Jeff Lasman, Nobaloney Internet Services > P.O. Box 52200, Riverside, CA 92517 > Our jplists address used on lists is for list email only > voice: +1 951 643-5345, or see: > "http://www.nobaloney.net/contactus.html"; > _______________________________________________ > LinuxUsers mailing list > [email protected] > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers > -- Peter Manis (678) 269-7979
