Results 1 to 4 of 4

Thread: Is this a two layer encryption?

  1. #1

    Default Is this a two layer encryption?

    1. Suppose I install with following config:
    sda1 - /boot
    sda2 - encrypted lvm [root and swap]
    sda3 - luks /home ( I will chain the luks key in root, so that I wouldn't have to enter its seperate password, method is here: http://goo.gl/yxaRx8 )

    2. Now this is surely a two layer I guess:
    sda1 - /boot
    sda2 - encrypted lvm [root and swap] ( /home is in root itself )
    sda3 - simple ext4 trucrypt data partition which I would have to manually load at every start up.

    Idea is, to read/write the data partition robustly even with Windows, so I don't want to include /home in lvm.

  2. #2

    Default Re: Is this a two layer encryption?

    Quote Originally Posted by ianlamin View Post
    1. Suppose I install with following config:
    sda1 - /boot
    sda2 - encrypted lvm [root and swap]
    sda3 - luks /home ( I will chain the luks key in root, so that I wouldn't have to enter its seperate password, method is here: http://goo.gl/yxaRx8 )

    2. Now this is surely a two layer I guess:
    sda1 - /boot
    sda2 - encrypted lvm [root and swap] ( /home is in root itself )
    sda3 - simple ext4 trucrypt data partition which I would have to manually load at every start up.

    Idea is, to read/write the data partition robustly even with Windows, so I don't want to include /home in lvm.
    Got it. Its a two layer anyway if I don't use /home in lvm with root, so I am gonna use first method, and combination of FreeOTFE and Paragon ExtFS for read/write from Windows.

    [SOLVED]

  3. #3

    Default Re: Is this a two layer encryption?

    actually I am using second method. It would be good to have Data partition just set for stashing data, which may contain personal stuff that I wouldn't want a friend using my computer to see. Mounting it only when I will have to backup/write stuff.

  4. #4
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Is this a two layer encryption?

    On 2014-04-30 15:36, ianlamin wrote:

    > 2. Now this is surely a two layer I guess:
    > sda1 - /boot
    > sda2 - encrypted lvm [root and swap] ( /home is in root itself )
    > sda3 - simple ext4 trucrypt data partition which I would have to
    > manually load at every start up.


    I have a system with two separate partitions mounted automatically on
    boot. For the first one I get the prompt on boot. The password for
    opening the second one is stored as a file on the first one, so it opens
    automatically after the first one mounts, without asking for the password.

    (it actually has two passwords: one for manual entry, and another in a
    randomly generated file).

    > Idea is, to read/write the data partition robustly even with Windows, so
    > I don't want to include /home in lvm.


    Oh.
    AFAIK, you can not read a LUKS encrypted partition from Windows. You
    might have to use something like truecrypt.

    --
    Cheers / Saludos,

    Carlos E. R.

    (from 13.1 x86_64 "Bottle" (Minas Tirith))

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •