Yep. Everything except my server, which needs to be able to boot without my help. Because why not? I rarely ever reboot anything, so it doesn’t really hurt, and if anyone steals my shit they won’t get my wife’s noods.
this post was submitted on 16 Jan 2025
175 points (98.9% liked)
Linux
60122 readers
795 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
I don't encrypt because it's too much effort to learn about it.
Id rather keep my filesystem unencrypted so that I can easily recover from problems and encrypt important files as needed, but let's be real I don't do that either.
yes. if you live in a country without democracy. it is the only way to protect yourself and your data from nsa agent kicking your door.
Mostly I don't, but I want to start to. I only have one laptop encrypted and of course I keep my phones encrypted.
I don't but admittedly I don't do much stuff on my laptop that's super secure. it's mainly for gaming and the odd programming project.
I encrypt my desktop and laptop but not my servers. On desktop, that excludes drives that aren't my OS/boot drive.
My issue is that I can never remember "a couple more commands" for the life of me. And I use Arch BTW, so the likelihood of me needing those is a bit higher than usual.
I encrypt my home folder and Windows install just in case someone breaks into my house and steals my computer. Super annoying entering my password each boot though.
Yes because my distro also have encrypted /boot included
I encrypt my laptop and desktops and I think it’s worth it. I regret encrypting my servers because they need passwords to turn on. I couldn’t figure out how to handle it when away.
With initramfs and dropbear you can make the password prompt accessible over ssh, so you can enter the password from anywhere.
Edit: For debian it is something like
- install dropbear
- configure dropbear for initramfs
- generate key pair
- generate initramfs
- You are done.
load more comments
(8 replies)
I don't do it for my desktop because 1) I highly doubt my desktop would get stolen. 2) I installed Linux before I was aware of encryption, and don't have any desire to do a reinstall on my desktop at this time.
For my laptop, yes, I do (with exception of the boot partition), since it would be trivial to steal and this is a more recent install. I use clevis to auto-unlock the drive by getting keys from the TPM. I need to better protect myself against evil maids, though - luckily according to the Arch Wiki Clevis supports PCR registers.
Yes. I have sensitive info in my PC (work credentials) and in the case of a break-in, last thing I want is to jeopardize my job.
Of course, I'm paranoid and don't trust the US government. Or any government really. "First they came for _____" and all that; Id rather just tell them to pound sand immediately instead of get caught with my pants down.