[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cgd + lvm
On 01/12/10 12:02, Matthias Scheler wrote:
If I am to follow what you suggest, how do I go about creating full disk
encryption or /home encryption that can grow as it needs more space? The
issue with creating full disk encryption currently is you have to have a
disklabel for each area you want to encrypt. Following the guide you can
see they have an unencrypted root label that will decrypt the rest and
have /home, /usr, /var ect.. encrypted. What I would like to see is to
have a small '/boot' that contains the kernel and startup utilities to
be booted from and then to encrypt the entire root filesystem. For this
you would not need an LVM but I'm not sure how I would accomplish this
since these files reside in /. Where the LVM would be handy is if you
had the same setup '/boot' and then the rest of the disk '/' as a
physical group with maybe one volume group of /home. You could choose to
only encrypt the /home and grow/shrink it as you see fit within the LVM.
Would this be possible?
On Tue, Jan 12, 2010 at 10:13:28AM -0500, Charlie wrote:
This is interesting. I've been going over this issue in my head for a
while now. I understand both points but was wondering if you are someone
could clear something up for me. If LVM is used on top of CGD it would
seem the partitions would have to be already fixed, ...
No, it wouldn't. The "cgd" device would just be a physical volume
for LVM on which it can store data.
For example how could I resize /home to add more space from the
If you assing as much diskspace as possible to the "cgd" volume and
use LVM to manage the encrypted disks space you have the desired
Main Index |
Thread Index |