Hi,
I've read the Debian installation manual and other information on dm-crypt and LVM. I've never used either before, though I have used Linux and Debian for a few years and on many machines.
I bought the Acer Aspire One netbook, and I'm waiting Lenny to stabilize to try out dm-crypt and LVM on it. The idea is to partition the SSD for \boot (since dm-crypt needs this on a separate partition), rest of \, \home and swap space.
First two questions:
Is it true that if I put \, \home and swap on the same volume group and let dm-crypt handle them all, during bootup LUKS needs only one passphrase for all partitions?
Secondly, can someone verify that I can have an automatically encrypted swap space this way, since I would like to use swsuspend (I guess I'll be asked the same passphrase when I resume?)?
This whole setup is complicated by the fact that the Aspire One has only an 8GB internal SSD, and I will (permanently) stick an 8GB SD card on the other of the card slots for further storage.
So my last question is:
How does LVM handle the extra device? Since 8GB would make for an excessively large \ (sans \boot) and swap space, is it possible to extend \home across the physical devices in LVM?
Another, perhaps a much easier option (considering backups too), would be to use the rest of the internal SSD for a smallish \home and add the SD card as \extraspace (or something else out-of-the-spec like) and mount it under \home\username\extraspace. Is it possible to do this and still use dm-crypt---and have the two physical devices on the same volume group, thus having only one passphrase for the whole system?
Thank you in advance for any comments.
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Question on LVM and dm-crypt (Acer Aspire One).
-
Absent Minded
- Posts: 3464
- Joined: 2006-07-09 08:50
- Location: Washington State U.S.A.
- Been thanked: 3 times
I just have to comment that you are using the wron slash (\) it should be / for linux. I just though it was comical since you mention that you have been using linux for several years.
As for your problem I have no real idea but my post will bump yours into being active again so someone may see it.
As for your problem I have no real idea but my post will bump yours into being active again so someone may see it.
Serving the community the best way I can.
Spreading the tradition of Community Spirit.
Please read some Basic Forum Philosophy
Give a man a fish, he eats for a day. Teach him how to fish, he eats for life.
Updated Nov. 19, 2012
Spreading the tradition of Community Spirit.
Please read some Basic Forum Philosophy
Give a man a fish, he eats for a day. Teach him how to fish, he eats for life.
Updated Nov. 19, 2012
-
infinitycircuit
- Posts: 1137
- Joined: 2007-07-24 03:31
- Location: California
Re: Question on LVM and dm-crypt (Acer Aspire One).
1. yes, only one passphrase will be required.Tolstoi21 wrote:Hi,
I've read the Debian installation manual and other information on dm-crypt and LVM. I've never used either before, though I have used Linux and Debian for a few years and on many machines.
I bought the Acer Aspire One netbook, and I'm waiting Lenny to stabilize to try out dm-crypt and LVM on it. The idea is to partition the SSD for \boot (since dm-crypt needs this on a separate partition), rest of \, \home and swap space.
First two questions:
Is it true that if I put \, \home and swap on the same volume group and let dm-crypt handle them all, during bootup LUKS needs only one passphrase for all partitions?
Secondly, can someone verify that I can have an automatically encrypted swap space this way, since I would like to use swsuspend (I guess I'll be asked the same passphrase when I resume?)?
This whole setup is complicated by the fact that the Aspire One has only an 8GB internal SSD, and I will (permanently) stick an 8GB SD card on the other of the card slots for further storage.
So my last question is:
How does LVM handle the extra device? Since 8GB would make for an excessively large \ (sans \boot) and swap space, is it possible to extend \home across the physical devices in LVM?
Another, perhaps a much easier option (considering backups too), would be to use the rest of the internal SSD for a smallish \home and add the SD card as \extraspace (or something else out-of-the-spec like) and mount it under \home\username\extraspace. Is it possible to do this and still use dm-crypt---and have the two physical devices on the same volume group, thus having only one passphrase for the whole system?
Thank you in advance for any comments.
2. yes, your swap is inside the encrypted volume so it should be encrypted.
3. as far as I know, part of the point of setting up encrypted lvm to is to have one passphrase for multiple physical devices, so I don't think that would be a problem.
Ok, thank you both (funny indeed that I got / wrong).
I'll try to test different setups this week on Lenny and see how much encryption actually impacts performance on the already slow SSD and purely software based AES on the intel atom. If someone cares I might post some of my feelings here (it's the same basic setup, CPU and chipset, as with the asus eee)
I'll try to test different setups this week on Lenny and see how much encryption actually impacts performance on the already slow SSD and purely software based AES on the intel atom. If someone cares I might post some of my feelings here (it's the same basic setup, CPU and chipset, as with the asus eee)