[Cryptography] Speeding up Linux disk encryption
John-Mark Gurney
jmg at funkthat.com
Mon Apr 12 18:56:35 EDT 2021
Ray Dillinger wrote this message on Fri, Apr 09, 2021 at 13:41 +0000:
> My problem with disk encryption systems is that they tend to protect the
> disk contents right up until the system boots up, and not so much while
> it's running.
There are existing systems like PEFS[1] that can be tied into PAM so
that people's home folders are only unlocked when the user logins in.
Some of the complaints are key management, but even if I used the PEFS
module, since I'm almost always logged into the server, PEFS would have
limited use protecting my data.
[1] https://pefs.io/
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list