[NCLUG] Encrypted Filesystems?
Sean Reifschneider
jafo at tummy.com
Mon Apr 16 02:10:10 MDT 2007
On Sun, Apr 15, 2007 at 06:33:24PM -0600, Bob Proulx wrote:
>moderatly powered laptop and that for the most part it is not
>noticeable to the user.
All of us at tummy.com have been running encrypted home file-systems for
most of the last year, and I can confirm that it is largely not noticeable
to the user. I think in the last 6 months I've even noticed the
performance overhead probably not even a half dozen times.
For backups, I back run rsyncs from our machines to a storage machine at
home. Which stores the backup data on an encrypted file-system. So, the
laptops are covered in case of loss, and the backup server is covered in
case someone takes it from our house. The home storage server backs up
periodically at a slow rate to a server at our facility, also on an
encrypted file-system.
I encrypt all of /home, and move some stuff like the locate database,
Postgres databases, over to /home to keep that data encrypted. I avoided
doing /root encrypted because it requires the initrd to be modified to
include the crypto stuff, which seems like a pain over the long term.
Sean
--
Your liver pays dearly now for youthful magic moments,
But rock on completely with some brand new components. -- Cake
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability
More information about the NCLUG
mailing list