David Warde-Farley

Something that wasn't obvious to me: unless working with extremely limited hardware where performance is a concern, there's no reason not to use full disk encryption on a Linux machine in 2023, including for machines you want to be able to boot non-interactively.

You can configure the boot loader to try the empty passphrase, or look for a key file on a plugged in thumb drive which you can remove to disable boot. You can later re-key the encrypted volume as appropriate, without re-formatting.

1+
dbread
Follow

@dwf Good reminder to use encryption.

Right now I am formatting my new backup hard disk with luks encryption on my machine. The disk is 5TB and the initial formatting already took ~20 hours. That waiting is a bit surprising... ;-)

· · 1 · 0 · 0
dbread

@dwf I have my formatting still running. Searched the web for more infos on how long this may take for a big disk. Found that cyberciti.biz/security/howto-l
@nixCraft

Always again a good base for nix crafting infos :)

1
dbread

@dwf I think I have overlooked a quickformat option

0
Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…

v3.5.19-qoto · Privacy policy