2
I was installing Ubuntu 10.10 using 10.10 Alternate CD. I chose 'Guided - use entire disk setup encrypted LVM'. After Specifying the passphrase for to encrypt the full disk, the installer ask me whether I want to encrypt my home folder.
This is great ! But it got me thinking: I always thought the home folder encryption is a subset of the full disk encryption ? so why does the installer ask me to encrypt the home folder after I chose full disk encryption ?
You can encrypt the swap partition as well. In fact the Debian installer automatically encrypts the swap partition if you encrypt any filesystem; I don't know if the Ubuntu installer does the same. Reasons not to encrypt the system partition include: not needing a separate
/boot
partition if your bootloader doesn't understand the encryption; possibility to boot in degraded mode without entering the password; performance. A reason to encrypt the system partition is it may contain a few sensitive files, such as the printing spool (but these can be symlinked to/home
or madetmpfs
). – Gilles 'SO- stop being evil' – 2010-10-21T21:16:22.883