Announcement

Collapse
No announcement yet.

The Cost Of Home Directory Encryption & LUKS Full Disk Encryption On Ubuntu 18.04

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by dibal View Post
    Random encrypting swap is also nice: https://wiki.archlinux.org/index.php...wap_encryption
    Better idea - don't use swap at all. You don't need it now that machines have 16 to 64 gigabytes of RAM.

    Comment


    • #12
      Again full disk encryption wins. There are also other problems with ecryptfs. Once I accidently tried it on a fresh Ubuntu install. It took less than 24 hours to fail because the first thing I did was restoring old backups and some files had 240+ character file names/paths. Ecryptfs had a very low maximum for file names so it failed to restore from the backups. Nice. I kind of thought it would use full disk encryption by default.

      Comment


      • #13
        Originally posted by caligula View Post

        Better idea - don't use swap at all. You don't need it now that machines have 16 to 64 gigabytes of RAM.
        It's definitely not yet common for laptops and netbooks to have 16 to 64 gigabytes of RAM. On desktops on the ither hand, you don't need disk encryption nearly as much.

        Comment


        • #14
          Originally posted by caligula View Post
          Better idea - don't use swap at all.
          Or use a swap file.

          Comment


          • #15

            Comment


            • #16
              Originally posted by DanL View Post

              Or use a swap file.
              Last time I tried using a swap file was during a fresh Ubuntu installation, which has its default swap option set to swap file. The world fell apart and the freshly installed Ubuntu could not even boot up.

              Comment


              • #17
                +1 TPM
                also, ZFS now has encryption. Would be cool to have it benchmarked against those.

                My personal experience with home dir encryption is 2x failures and had to restore backups... Xorg would just restart and I couldn't log in, ubuntu 16 at the time, created a new user and restored files.

                Comment


                • #18
                  Originally posted by caligula View Post

                  Better idea - don't use swap at all. You don't need it now that machines have 16 to 64 gigabytes of RAM.


                  TLDR: You want swap regardless of the amount of system RAM you have.

                  Comment


                  • #19
                    I am suprised that the pro swap article does not make any mention about the usage of swap for hibernation to disk.

                    Swap is a requirement for that, isn't it? Or are there other ways to achieve that?

                    Comment


                    • #20
                      I think the AES NI support in the kernel, speeds up full disk encryption compared to eCryptFS. If you use a different encryption method other than AES, the advantage is lost.

                      Comment

                      Working...
                      X