On 10/7/07, Timo Myyrd <[EMAIL PROTECTED]> wrote: > Nick Guenther wrote: > > On 10/6/07, Timo Myyrd <[EMAIL PROTECTED]> wrote: > > > >> I have read the mount_vnd manual page and it describes the mount options > >> of the image that are needed to succesfully mount the partition on boot > >> but didn't reveal if there's a method to encrypt whole partition. I know > >> it will give me small performance hit to encrypt whole partition but it > >> should be OK. I had all of my HD except the /boot partition encrypted > >> with Linux and I didn't notice any difference in casual use. > >> > >> Currently waiting for the urandom to fill the image... > >> > >> Timo > >> > > > > Hm? I don't understand what you don't understand. > > There's no such thing as a half-encrypted svnd (=partition). If you > > can mount an encrypted svnd then you have a totally encrypted drive. > > If you put it in fstab even better, but you need to somehow get it to > > ask you for a password (-k) or give it a saltfile (-K) from somewhere > > when it does that (and you better not store that password on the same > > laptop). > > > > -Nick > > > > > > > I mean that can I encrypt my /dev/sd0g directly instead of creating > image in it and encrypting and mounting that image as /home. > I tried to read about the svnd and it only seems to work on files.
Yes, exactly ;) This is Unix, where everything is a file (or tries to be): vnconfig /dev/sd0g svnd0 On a tangential note, it's useful to understand what you can do with ccd(4) if you are creative about it. -Nick
