<div class="gmail_quote">On Tue, Dec 1, 2009 at 12:04 AM, Tethys <span dir="ltr"><<a href="mailto:sta296@astradyne.co.uk">sta296@astradyne.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">
</div>Yes, but there's still an argument for multiple levels of encryption.<br>
Is that even still supported? In the old days, there was a filesystem<br>
called rubberhose that was explicitly designed to give plausible<br>
deniability. Does an equivalent exist today? Only the first level<br>
would be decrypted under normal use. Then if you want to access your<br>
more confidential information, you decrypt and mount that, do your<br>
work and then umount it again, so the attacker would need to get in<br>
during the (hopefully short) period of time where that filesystem<br>
was decrypted and mounted.<br>
<br>
Tet<br></blockquote><div> <br>Truecrypt will allow hidden volumes. Works very well. <a href="http://www.truecrypt.org/docs/plausible-deniability">http://www.truecrypt.org/docs/plausible-deniability</a><br><br>On Monday 30 November 2009, Justin Perreault wrote:<br>
> It's much easier to do it at install time, but remember that you'll need to<br>
> enter the key for each encrypted partition each time the machine boots - I<br>
> have the /home partition on my laptop encrypted, but not the system itself (I<br>
> used to, but entering two keys was a PITA and then there were troubles when<br>
> it came time to use a boot disk for maintenance ...)<br><br>There are ways of using just one password. With keyfiles stored on the first decrypted partition.<br><a href="http://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile">http://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile</a><br>
<a href="http://ubuntuforums.org/archive/index.php/t-837416.html">http://ubuntuforums.org/archive/index.php/t-837416.html</a><br><br>Dan<br><br></div></div>