sandbox
Differences between revisions 1 and 59 (spanning 58 versions)
1479
Comment:
|
1168
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
<<Include(WikiGuide/Toolkit/MenuBar)>> | #language en #pragma section-numbers on #title Manual Full System Encryption (with Extras) |
Line 3: | Line 5: |
= Full disk manual encryption = | ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents(2)>>|| |
Line 5: | Line 7: |
||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents>>|| | |
Line 7: | Line 8: |
== Background == | = Sandbox = |
Line 9: | Line 10: |
=== Default installation options === | |
Line 11: | Line 11: |
The Ubuntu Installer provides two encryption options upon installation. | A sandbox for Paddy Landau to develop documentation. |
Line 13: | Line 13: |
1. Encrypted home folder. This protects only your personal data, not the programs or anything else (although swap is encrypted). 1. Full-disk encryption, which protects everything, including the surreptitious installation of malware. |
|
Line 16: | Line 14: |
Unfortunately, both of these options have important problems. | = Other pages = |
Line 18: | Line 16: |
1. Encrypted home folder * Leaves the system open to anyone with physical access to install a keylogger or any other malware. * Hibernation isn't enabled. * Temporary files are stored by default on unencrypted `/tmp`, which is unencrypted, and can leave exposed data. 1. Full-disk encryption * You cannot dual-boot with another system, and your entire disk is wiped. So, if you have Windows, well, goodbye Windows! * Boot is unencrypted, leaving an open vector for malware. * It doesn't support manual partitioning; * or hibernation; * or dual-booting; * or multiple disks (e.g. one SSD and one hard drive). |
|
Line 30: | Line 17: |
=== The manual system === | Other pages by Paddy |
Line 32: | Line 19: |
==== The pros ==== | * [[https://help.ubuntu.com/community/PlayOnLinux|PlayOnLinux]] This is somewhat outdated, but could still be useful for a beginner wanting to use Wine. |
Line 34: | Line 22: |
* Full encryption using LUKS; * including Boot * Manual partitioning; * with LVM * |
* [[https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap|Enable hibernation with encrypted swap]] For older systems that use encrypted folders but nothing else encrypted. |
Line 40: | Line 25: |
== Why use encryption? == | * [[https://help.ubuntu.com/community/PostInstallationEncryption|Post-installation encryption]] For older systems that don't have any encryption, how to encrypt your folder. * [[https://help.ubuntu.com/community/ManualFullSystemEncryption|Manual full-system encryption]] For newer systems (starting with Ubuntu 16.04), how to install Ubuntu fully encrypted, while optionally being able to dual-boot with other systems, say Windows. |
Contents |
1. Sandbox
A sandbox for Paddy Landau to develop documentation.
2. Other pages
Other pages by Paddy
- This is somewhat outdated, but could still be useful for a beginner wanting to use Wine.
Enable hibernation with encrypted swap
- For older systems that use encrypted folders but nothing else encrypted.
- For older systems that don't have any encryption, how to encrypt your folder.
- For newer systems (starting with Ubuntu 16.04), how to install Ubuntu fully encrypted, while optionally being able to dual-boot with other systems, say Windows.
paddy-landau/sandbox (last edited 2017-04-04 18:58:46 by paddy-landau)