Re: Encrypting drive
Russell Coker <russell@coker.com.au> writes:
> On Monday 02 July 2007 11:35, Anders Breindahl <skrewz@skrewz.dk> wrote:
>> In servers, you might want to trust physical security, since
>> whole-system encryption incurs a performance degradation. (However, on a
>> reasonably recent system, you still will be bottlenecked by Fast
>> Ethernet at 100Mb/s).
>
> Where "reasonably fast" means faster than a 3GHz P4. A 3GHz P4 system I was
> working on recently appeared to be limited to 4MB/s, if it wasn't for the
> fact that the machine is about to be decommissioned then I would probably
> investigate this further as the performance is lower than expected.
>
>> However, if you should choose to encrypt only, say /home, you'd need to
>> make sure that data won't ``sieve'' onto the unencrypted parts of the
>> system, such as /tmp or swap space.
>
> True. But the advantage to encrypting only some partitions is that you can
> get better performance for non-secret data.
Then you might be even better served with encryptfs and make it even
more selctive.
MfG
Goswin
Reply to: