[SATLUG] laptop encryption
Tom Weeks
tweeksjunk2 at theweeks.org
Sun Dec 30 01:55:31 CST 2007
On Saturday 29 December 2007 13:55:43 John Chalinder wrote:
> Has anyone tried PGP? Here's a link to how to set up PGP on RedHat Linux.
> http://linux.feldt.com/meeting_notes/1996/0718/pgp_compile.html
> I'm assuming it works on laptops as well as desktop computers.
Umm.. no.. That's a doc on how to compile and install the PGP suite. Not do
full disk encryption on a Red Hat system.. Plus, I don't think the the PGP
disk encryption suite even has support for Linux yet (just Win+OSX). BTW..
Large companies are starting to use enterprise grade full disk encryption
suites like PGP.. but again.. as you've seen, mostly on Windows only.
Here's a useful link for doing full disk, cbc/aes based dm-crypt/LUKS
encryption on Linux (Fedora/CentOS/RHEL):
http://tinyurl.com/2kvt7n
other examples:
http://jaredrobinson.com/blog/index.php?s=encryption
A guy at XCSSA (Travis H.: http://www.subspacefield.org/~travis/ ) is really
into various disk encryption technologies (down to the randomization hardware
sources). If you want to pose any specific full disk encryption questions
(pros/cons of cbc vs cfb vs CTR), then join/post questions to
xcssa at xcssa.org. (join here: http://xcssa.org/mailman/listinfo/xcssa), or
email him directly. His replies are always insightful.
BTW.. on the easy side of the house... it seems that more Linux installers are
starting to support some level of dm-crypt at install time (Debian for
sure... haven't checked latest Ubuntu or FC yet).
Hope that helps get you started.
BTW.. One thing that you'll want to discuss with the "gatekeepers" at your
company is who all needs copies of the partition level passphrases to get
into your encrypted Linux system. Well thought out processes like this are
just important as the encryption itself. Don't leave it out of your
discussions. ;)
Tweeks
More information about the SATLUG
mailing list