-
Suppose I install with following config:
sda1 - /boot
sda2 - encrypted lvm [root and swap]
sda3 - luks /home ( I will chain the luks key in root, so that I wouldn’t have to enter its seperate password, method is here: http://goo.gl/yxaRx8 )
-
Now this is surely a two layer I guess:
sda1 - /boot
sda2 - encrypted lvm [root and swap] ( /home is in root itself )
sda3 - simple ext4 trucrypt data partition which I would have to manually load at every start up.
Idea is, to read/write the data partition robustly even with Windows, so I don’t want to include /home in lvm.
Got it. Its a two layer anyway if I don’t use /home in lvm with root, so I am gonna use first method, and combination of FreeOTFE and Paragon ExtFS for read/write from Windows.
[SOLVED]
actually I am using second method. It would be good to have Data partition just set for stashing data, which may contain personal stuff that I wouldn’t want a friend using my computer to see. Mounting it only when I will have to backup/write stuff.
On 2014-04-30 15:36, ianlamin wrote:
> 2. Now this is surely a two layer I guess:
> sda1 - /boot
> sda2 - encrypted lvm [root and swap] ( /home is in root itself )
> sda3 - simple ext4 trucrypt data partition which I would have to
> manually load at every start up.
I have a system with two separate partitions mounted automatically on
boot. For the first one I get the prompt on boot. The password for
opening the second one is stored as a file on the first one, so it opens
automatically after the first one mounts, without asking for the password.
(it actually has two passwords: one for manual entry, and another in a
randomly generated file).
> Idea is, to read/write the data partition robustly even with Windows, so
> I don’t want to include /home in lvm.
Oh.
AFAIK, you can not read a LUKS encrypted partition from Windows. You
might have to use something like truecrypt.
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” (Minas Tirith))