Dne neděle 14. listopadu 2021 17:27:37 CET, Marco Calistri napsal(a):
Hello, I collected very few documentation regarding file-system encryption on Linux. I understand that it must be done at format stage and not after the FS has been sized and installed, in order to prevent data loss. I would BTW like to ask here if, in case I decide to encrypt just my /home dir (separated partition) with the existing data it contains, which risks I'm gonna to face.
Various (meta)data can leak via unencrypted locations, like /tmp, logs, cache, etc. Also, these parts might be changed (e.g. modified binaries, well, might be too paranoic:-), so whole disk encryption gives You much higher security. Theoretically, it can be done on already existing partitions, but You are in risk of data loss, and the encryption won't be so good due to need to keep existing data, so it's not recommended in any case. -- Vojtěch Zeisek https://trapa.cz/ Komunita openSUSE GNU/Linuxu Community of the openSUSE GNU/Linux https://www.opensuse.org/