This One Time, at Band Camp, Mick <michaelkintzios@(protected):
> > That's why I have my entire installation over a DM-CRYPT ( LUKS
> > encrypted partition... ), including swaps and storage ( LVM over
> > DM-CRYPT actually), this way even if someone had a physical access to
> > my laptop, both GRUB and LiveCD approach would be useless...

> I've thought about going for this . . . and then backpedaled once more. Every
> time I had a fs problem I have managed to recover to this date without much
> trouble. Vanilla primary and extended partitions seem to be straight forward
> to access with any LiveCD. To be honest even when I had to frig about with
> LVM I managed to recover without loss of data (more out of luck than skill I
> suspect). The thought however, that I may lose my private key (never say
> never), or lose a drive and need to access my data pronto from a back up
> makes me somewhat nervous. Should I be more brave that this?
Well it depends... First of all you should know that almost every LiveCD
now include a cryptsetup/lvm implementation, Gentoo does, Ubuntu does
( not as is though you should apt-get cryptsetyp, AFAIK lvm already
installed), so recovering data would not be that hard if you can open
the partition... As for loosing the key, that's easy too, here's what
I do: I create a small file from /dev/urandom and I use it as pass key
SLOT, and store it somewhere safe, so if and when I forget all of the
passwords I have, I use this key, it is safe.

Anyway as I said above it actually depends, using dm-crypt will lower
the performance of your machine which actually make sense since the
data are encrypted before they are written to the disk (AFAIK I'm not
really sure how it handles I/O operations, but I'm sure that writing a
huge file to your HDD will result in a lot of CPU usage of the process
'kcryptd'), but using dm-crypt is very very secure, I use it because
my laptop is with me every day when I go to the university so I need
this kind of security... On the other hand if you don't need
encryption, maybe you should stick with LVM... (LVM is a must checkout
my partitions below, I love it...)

--------- CUT
# lvdisplay -C
LV         VG   Attr  LSize  Origin Snap% Move Log Copy% Convert
gentoo-opt    system -wi-ao  1.00G
gentoo-overlays system -wi-ao  1.00G
gentoo-root   system -wi-ao 500.00M
gentoo-usr    system -wi-ao  5.00G
gentoo-var    system -wi-ao 500.00M
home        system -wi-ao 15.00G
storage      system -wi-ao 50.66G
suspend-swap   system -wi-a-  1.00G
swap        system -wi-ao  2.00G
tmp         system -wi-ao 500.00M
ubuntu-opt    system -wi-ao  1.00G
ubuntu-root   system -wi-ao 500.00M
ubuntu-usr    system -wi-ao  3.50G
ubuntu-var    system -wi-ao 500.00M
var-tmp      system -wi-ao 100.00M
--------- CUT

Regards,

--
Wael Nasreddine
http://wael.nasreddine.com
PGP: 1024D/C8DD18A2 06F6 1622 4BC8 4CEB D724 DE12 5565 3945 C8DD 18A2

/ö\
/ö\ When Chuck Norris wants an egg, he cracks open a chicken.