Re: Unencrypted boot with encrypted root

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unencrypted boot with encrypted root

From:	Pierre Neidhardt
Subject:	Re: Unencrypted boot with encrypted root
Date:	Wed, 20 May 2020 11:42:14 +0200

There is at least one benefit using ZFS: encrypted subvolumes (also
known as datasets).

Currently in Guix it's impossible to have a subvolume for the store and
an encrypted subvolume for /home.
In order to have an unencrypted root and an encrypted /home, we must put
them on different _partitions_ so that we can crypt /home with LUKS.
This has the big downside of imposing a fixed size at creation time.

With ZFS, it would be possible to an encrypted /home without encrypting
/gnu/store and without fixing the size at creation time.

-- 
Pierre Neidhardt
https://ambrevar.xyz/

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/05/17
- Re: Unencrypted boot with encrypted root, Guillaume Le Vaillant, 2020/05/20
  - Re: Unencrypted boot with encrypted root, Pierre Neidhardt <=

Prev by Date: Re: Guix mirrors
Next by Date: Re: Guix mirrors
Previous by thread: Re: Unencrypted boot with encrypted root
Next by thread: Slurm with containers (i.e., orchestration)
Index(es):
- Date
- Thread