Thread: drive encryption
how shut off? chose option encrypt drive when installed ubuntu studio 12.10. now, time need restart (such updates) takes forever restart. end manually shutting off pc , turning on. still takes 2 minutes before can enter password. don't this. thought idea, , is, don't it. there way shut off reinstalling os?
encrypting drive not process designed reversible. otherwise defeat reason encryption's existence (as security tool stops bad guys getting @ data). possible yank out encryption on files , whole directories, through brute force. basically, copy data backup in unencrypted form, delete encrypted directory, create replacement clear directory , copy data in. can't entire hdd because oses far more sensitive simple data. uuids, config files , dozens of other dependencies borked, option backup important data external medium , reinstall.
larger picture:
it's running joke among friends , family i'm paranoid when comes security, not encrypt whole drive unless being pursued martian secret police. encryption incurs significant computational overhead , if encrypt os (not data), every time os needs access system file, must decrypt/encrypt in addition read/write process itself. includes /tmp , caches held on hdd. moreover, , borked if must ever resort livecd recover or reconfigure part of os. , since password well-defended, there isn't advantage gained whole-disk encryption either.
better way:
why many people choose encrypt /home directory , leave / in clear. /home of sensitive data is, in vast majority of cases, enough encrypt /home. however, still creates issues. overhead still severe , pointless reasons. after all, why have encrypt 200gb of games? moreover, breaks things ability remotely ssh /home prior having physically logged in.
best way:
therefore, encryption tools come ubuntu allow encrypt directory want, in particular, special one--the private directory--normally found below own /home/user/. need to:once installed, do:code:sudo apt-get install ecryptfs-utilsfor instructions. this link read. once directory encrypted, dump sensitive data private. move e-mail in , symlink original directory. move private keys private while keeping .ssh directory clear. can remote ssh login no problems.code:man ecryptfs-setup-private
don't let current difficulties sour on encryption. if it's done properly, can safeguard , privatize data. unfortunately, can backup , reinstall @ point if want decrypt hdd, above guide afterwards.
Forum The Ubuntu Forum Community Ubuntu Official Flavours Support New to Ubuntu [ubuntu_studio] drive encryption
Ubuntu
Comments
Post a Comment