[Cryptography] Speeding up Linux disk encryption

John-Mark Gurney jmg at funkthat.com
Mon Apr 12 18:56:35 EDT 2021


Ray Dillinger wrote this message on Fri, Apr 09, 2021 at 13:41 +0000:
> My problem with disk encryption systems is that they tend to protect the
> disk contents right up until the system boots up, and not so much while
> it's running.

There are existing systems like PEFS[1] that can be tied into PAM so
that people's home folders are only unlocked when the user logins in.

Some of the complaints are key management, but even if I used the PEFS
module, since I'm almost always logged into the server, PEFS would have
limited use protecting my data.

[1] https://pefs.io/

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."


More information about the cryptography mailing list