Re: Encrypted root partition

l...@gnu.org (Ludovic Courtès) writes: > Chris Marusich skribis: > >> l...@gnu.org (Ludovic Courtès) writes: >> >>> Chris Marusich skribis: >>> l...@gnu.org (Ludovic Courtès) writes: > Chris Marusich skribis: >

Re: Encrypted root partition

On Wed, Jan 18, 2017 at 11:08:22PM -0500, Mike Gerwitz wrote: > Using an ephemeral key for swap (that is: a temporary key that is > randomly generated and never stored) is preferred: when you unmount it, > the data won't be recoverable. > I just wanted to say that this can break suspend-to-disk,

Re: Encrypted root partition

Chris Marusich skribis: > l...@gnu.org (Ludovic Courtès) writes: > >> Chris Marusich skribis: >> >>> l...@gnu.org (Ludovic Courtès) writes: >>> Chris Marusich skribis: > Is anyone actively working on documenting

Re: Encrypted root partition

l...@gnu.org (Ludovic Courtès) writes: > Chris Marusich skribis: > >> l...@gnu.org (Ludovic Courtès) writes: >> >>> Chris Marusich skribis: >>> Is anyone actively working on documenting the new encrypted root stuff? If not, I'm happy to try

Re: Encrypted root partition

Mike Gerwitz writes: > On Wed, Jan 18, 2017 at 03:38:57 -0800, Chris Marusich wrote: >> As a bonus, I realized that one could use this feature to encrypt swap, >> also. You can encrypt your swap area by using a swap file in the root >> file system. Specifically, if you do

Re: Encrypted root partition

On Wed, Jan 18, 2017 at 03:38:57 -0800, Chris Marusich wrote: > As a bonus, I realized that one could use this feature to encrypt swap, > also. You can encrypt your swap area by using a swap file in the root > file system. Specifically, if you do something like this... Using an ephemeral key

Re: Encrypted root partition

Chris Marusich skribis: > Chris Marusich writes: > >> l...@gnu.org (Ludovic Courtès) writes: >> >>> Chris Marusich skribis: >>> Is anyone actively working on documenting the new encrypted root stuff? If not, I'm happy

Re: Encrypted root partition

Chris Marusich skribis: > l...@gnu.org (Ludovic Courtès) writes: > >> Chris Marusich skribis: >> >>> Is anyone actively working on documenting the new encrypted root stuff? >>> If not, I'm happy to try my hand at it. I'm interested in trying to set

Re: Encrypted root partition

On Wed, Jan 18, 2017 at 03:38:57AM -0800, Chris Marusich wrote: > Chris Marusich writes: > > As a bonus, I realized that one could use this feature to encrypt swap, > also. You can encrypt your swap area by using a swap file in the root > file system. Specifically, if you

Re: Encrypted root partition

Chris Marusich writes: > l...@gnu.org (Ludovic Courtès) writes: > >> Chris Marusich skribis: >> >>> Is anyone actively working on documenting the new encrypted root stuff? >>> If not, I'm happy to try my hand at it. I'm interested in trying to set

Re: Encrypted root partition

Ludovic Courtès writes: > Chris Marusich skribis: > >> Is anyone actively working on documenting the new encrypted root stuff? >> If not, I'm happy to try my hand at it. I'm interested in trying to set >> it up on my laptop, anyway. > > I’ve added

Re: Encrypted root partition

Chris Marusich skribis: > Is anyone actively working on documenting the new encrypted root stuff? > If not, I'm happy to try my hand at it. I'm interested in trying to set > it up on my laptop, anyway. I’ve added documentation in 2b5fea5ba3b07999cf198e1132ffcacbfcb7ed72.

Re: Encrypted root partition

l...@gnu.org (Ludovic Courtès) writes: > Hello Guix! > > In case you missed it, GuixSD now supports LUKS-encrypted root > partitions, finally! > > https://debbugs.gnu.org/cgi/bugreport.cgi?bug=21843#48 > > And there’s a system test, which can also serve as an example for people > who want to

Encrypted root partition

Hello Guix! In case you missed it, GuixSD now supports LUKS-encrypted root partitions, finally! https://debbugs.gnu.org/cgi/bugreport.cgi?bug=21843#48 And there’s a system test, which can also serve as an example for people who want to test it: