Originally posted by Developer12
View Post
Think of it like this: imagine your disk is encrypted but the evil hackers still know all your mount points if they put your disk in another PC or boot up your PC with a Live environment. That's kind of how ZFS encryption works. They know that tank/home/username exists and that it mounts to /home/username but they'll have no idea what is at /home/username because ZFS will prompt for a password when they try to mount it. If you want to hide the fact that tank/home/username and its mount location even exist is why you'd want to put ZFS on LVM2.
Don't get me wrong, you can loop-mount another FS on top of ZFS, but, IMHO, for ease of use you'd be better of using KDE Vaults or something like that for the sensitive data you don't want people to access if you die at your PC with an active session running and the locker hasn't kicked in.
Comment