[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unencrypted boot with encrypted root
From: |
Pierre Neidhardt |
Subject: |
Re: Unencrypted boot with encrypted root |
Date: |
Wed, 20 May 2020 11:42:14 +0200 |
There is at least one benefit using ZFS: encrypted subvolumes (also
known as datasets).
Currently in Guix it's impossible to have a subvolume for the store and
an encrypted subvolume for /home.
In order to have an unencrypted root and an encrypted /home, we must put
them on different _partitions_ so that we can crypt /home with LUKS.
This has the big downside of imposing a fixed size at creation time.
With ZFS, it would be possible to an encrypted /home without encrypting
/gnu/store and without fixing the size at creation time.
--
Pierre Neidhardt
https://ambrevar.xyz/
signature.asc
Description: PGP signature