On Mon, Sep 22, 2008 at 12:09 PM, Mathias Gug <[EMAIL PROTECTED]> wrote: > However I wonder if asking the user to setup encrypted directories > during the -server installation process is useful. We try to keep the > installer as simple and straight forward as possible for the majority of > users. Is it worth adding another step to the installation process that > covers only a minority of -server use cases ? > > The question is not whether encrypted directories are useful in a server > environment - they are for specific use cases (login servers, file > servers, not so much for database servers, http or mail servers) - but > whether it's worth adding an extra step to the installation process > asking the user to setup encrypted directories for the system.
Obviously, my opinion is biased, so I'm not casting a vote on this issue, I'm leaving it to the community to vote and decide. I will offer a few words of support, though... The current question looks like this: * http://people.ubuntu.com/~mathiaz/setup_encrypted_dir.png It immediately follows the prompts for the initial username and password. The default response is "No", so if you just hit <enter> here, the installer bothers you no more. The cost is one screen, one keystroke in the "No, I don't want an encrypted Private directory" case. I think there is arguably far more value on the laptop/desktop case, as these systems are far more likely to be physically stolen, in which case an encrypted location to store your data might well be your life saver. However, I honestly believe that most server administrators would benefit from having a single place (~/Private) to cryptographically store sensitive information, such as passwords, documents, or configuration information (without LVM-encrypting the whole disk and paying the performance penalty for every read/write). At least I certainly do. I think the Ubuntu Server has an opportunity to _lead_ in the Linux server industry in this case. And I think the new question in the installer actually provides exposure to this feature that is otherwise buried in the new /usr/bin/ecryptfs-setup-private command line utility. -- :-Dustin Dustin Kirkland Ubuntu Server Developer Canonical, LTD [EMAIL PROTECTED] GPG: 1024D/83A61194 -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
