1
I had the following set-up in mind: SSD 1: Dual boot Debian + Windows (base OS only). HDD 2: Used for Program Files + Data.
I assume that if I encrypt both drives separately, errors will show up because once Windows has booted it can't find start-up programs for example because the HDD drive isn't unlocked yet.
Is it possible to encrypt both drives as a whole? If so, how (by software)? Debian partitions can be encrypted as a whole, can I divide those partitions between the SSD and HHD? Maybe a RAID configuration if by software is not possible? Bear in mind that my configuration has 1 SSD and 1 HDD.
That's the way I had it in mind, a Linux partition and Windows partition on SSD. And Data on HDD. But the answer I was looking for was, If I encrypt both drives separately, will I be asked for both passwords on boot? Because, if only the OS partition gets unlocked, I'm afraid errors start to appear.. Which makes this whole set-up useless. Thanks for your answer btw :) – Jan – 2015-09-29T17:38:47.833
Its a bit difficult to understand what you are asking - What do you mean by "both passwords" ? I imagine the answer to your question is "it depends on your distro, but no, you will not usually be automatically prompted" unless you modify the startup script. Why do you need to encrypt to OS partition though ? – davidgo – 2015-09-29T18:05:13.183
I encrypt SSD, it is protected bij password A. And I encrypt HDD, it is protected by password B. Will I be asked for password A first and directly after that password B? Will both drives be unlocked at boot if they are separately encrypted? Or will only the SSD (OS drive) be unlocked at boot? I don't see what the reason to encrypt has to do with this whole thing, but I just want a decent lock on my virtual door.. To protect my privacy in my own virtual home, to protect my personal data, and to protect my business data. – Jan – 2015-10-03T07:30:58.930
The question about "reason to encrypt" is to establish why you would want to encrypt the OS partitions. Life would be a lot easier for you if you did not do this. Unless you have a startup script or configuration added, only the Boot drive will be decrypted. On the other hand, if you are wanting to be paranoid about all hints of your data you need to encrypt your SWAP as well. OS encryption makes life a lot harder (and slower) as you need a minimal environment to load before the OS can load, which means more partitions and complexity. – davidgo – 2015-10-03T07:36:36.667
If it was not hard and complex I wouldn't be asking here. I just want this extra security, I am aware that it is hard, slow, etc. And I am willing to sacrifice. I already know how to encrypt and wipe Windows SWAP (pagefile.sys) and use it. I already use a VM Debian with FDE(incl. SWAP partition) for testing. Thank you for mentioning that only the Boot drive will be decrypted. – Jan – 2015-10-04T17:25:17.177