HDD encryption

[Matt Graham]

From: Joe <joe at nationnet.com>
> That's a really good question Nathan. I've used encfs for directories 
> since it's so easy to install and use, but it's not for whole disk 
> encryption. I haven't tried WDE because I wasn't sure what the different 
> distros would support and if you ever have to use a rescue disk it would 
> make it that much harder to get to the drive.

Wouldn't the MBR and stage 1 of the bootloader have to be in plain
text?  I mean, the x86 BIOS is small and not very bright, so you're
stuck with having some unencrypted stuff on it.  I think.  If the
BIOS has additional functions, you might be able to have a totally
crypted disk.  I also can't see that much point to encrypting /boot
, but encrypting / , /usr , /home , and so forth makes a lot of
sense for some situations.

I've never been *that* paranoid, so all I've done is have a 
/home/me/crypt file mounted loopback via truecrypt on /home/me/
secure/ .  

-- 
Matt G / Dances With Crows
The Crow202 Blog:  http://crow202.org/wordpress/
There is no Darkness in Eternity/But only Light too dim for us to see