Dne St 2. dubna 2014 14:09:30, Carlos E. R. napsal(a):
On 2014-04-02 13:16, Vojtěch Zeisek wrote:
Dne St 2. dubna 2014 13:02:39, Carlos E. R. napsal(a):
I don't use this setup because I do not like LVM. In that case, the method is having separate partitions instead. Few people have reported using full system encryption without LVM, with separate partitions (I can not locate a current full description of the procedure), and one of the problems mentioned (besides YaST being unable to set it up, and possibly difficulties with system upgrade?), is that the boot system asks the password for each partition, even if they are the same. I believe there is a bug on this. I heard that plymouth can handle that situation, but as I always remove it, I can't say for sure.
I wouldn't expect big issues with such setup, beside need for repeated enter of pass-phrase.
I do not know of an easy way to encrypt the root filesystem right from installation, because YaST will not do it. The method I know is:
Hm :-( I thought this would be relatively easy but uncomfortable solution. Then it would probably require a lot of trials to find the best solution...
1) Install a normal root system, not encrypted, with a separate boot partition, and perhaps an encrypted home partition. The physical disks used are irrelevant, one or twenty. 2) Create a new encrypted partition. 3) Copy the clear root partition files to the deciphered container. 4) Somehow boot that encrypted root partition.
I'm stuck on (4).
Once this is done, I do not know if the system will be upgradeable, or the entire procedure will have to be repeated.
It doesn't seem to me as the best way, but OK... Regards, Vojtěch -- Vojtěch Zeisek Komunita openSUSE GNU/Linuxu Community of the openSUSE GNU/Linux http://www.opensuse.org/ http://trapa.cz/