Fedora 30 Aims To Use LUKS2 By Default For Full-Disk Encryption
Fedora 29 wanted to have the use of LUKS2 by default when going for full-disk encryption compared to the LUKS1 meta-data format, but that didn't turn out in time so now the hope is to have it ready for Fedora 30.
The LUKS2 format has been available since the end of 2017 with the release of cryptsetup 2.0. The LUKS2 format has auto-activation improvements, experimental authenticated encryption, and other extensibility and security hardening improvements.
It's not until cryptsetup 2.1 where upstream will default to LUKS2 over LUKS1, but Fedora 30 is planning for this default shift when that distribution update is outed in May for those using the Anaconda installer and opting for full-disk encryption.
Details on the planned change for Fedora 30 are outlined by the Fedora Wiki.
The LUKS2 format has been available since the end of 2017 with the release of cryptsetup 2.0. The LUKS2 format has auto-activation improvements, experimental authenticated encryption, and other extensibility and security hardening improvements.
It's not until cryptsetup 2.1 where upstream will default to LUKS2 over LUKS1, but Fedora 30 is planning for this default shift when that distribution update is outed in May for those using the Anaconda installer and opting for full-disk encryption.
Details on the planned change for Fedora 30 are outlined by the Fedora Wiki.
13 Comments