On 31/01/12 17:02, Tim Serong wrote:
On 01/31/2012 04:52 PM, Anders Johansson wrote:
On Tuesday 31 January 2012 15:14:30 Tim Serong wrote:
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations.
You really don't want to have file level encryption on your entire /home. You would need to enter your encryption key every time a file was opened. Once for .bashrc, once for .bash_history, once for .profile etc etc etc.
A scheme like that would last exactly 5.4 seconds, then you'd reformat with something sane
Good point :)
It's worth mentioning, you can (or should be able to somehow - I haven't tried lately) do block-level encryption on an external hard disk, same as you can for a disk/partition that's physically inside your system. So, backup files to the encrypted block device from your encrypted /home partition, and life is (or should be) good/sane.
I like this idea very much. Can you suggest how this could be achieved considering that I am using an external USB HDD which, at the moment, is totally formatted in ntfs (Ok, no drama in splitting it into 2 halves as before with 50% ntfs and 50% ext4)? Thanks muchly. BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org