With Xubuntu 13.10 I setup partition encryption, with it's own passphrase via the installation gui. Asks for passphrase then boots and asks for login. I am pretty sure it has been possible to do partition encrypting for a while, I don't believe it has been in the gui installer until recently. Here is an article that tells how to do partition encryption in Ubuntu 12.04... http://newspaint.wordpress.com/2012/09/21/full-disk-encryption-on-xubuntu-precise-12-04/ Now not full disk.. but full partition (Although I haven't tested it...hummm.). Not sure that encrypting the boot partition will gain you a whole lot more security ? ==>brian. On 02/28/2014 08:18 AM, Jeremy MountainJohnson wrote: > Ultimately, the length and complexity of the password / use of keys is > what makes encryption good. Nearly all the common encryption > algorithms out there are crackable if physical control is compromised > and weak keys are used. Speaking from experience, all but one below > I've been able to crack years ago with a decent gpu / distributed > processing and weak pass-phrase (less than 12 chars). Keep in mind, > more chars is not always correlated to success of encryption, refer to > targeted dictionary attacks, rainbow tables, and the chair to keyboard > factor. > > * Ubuntu (and I believe Debian) give ecryptfs option for home > directories (folder level encryption) via the gui installer. Tied to > your user account password, which is it's weakness, strong pw hashes / > salting help a lot for exposed passwd and shadow files > * TrueCrypt can also do a home directory or simple container in Linux, > with pass-phrase and various keys, but not full disk encryption unless > on Windows > * Several paid options out there, often for enterprise, McAfee is a > common one, handle full disk, complex encryption for nearly all > platforms > * More manual options include dm-crypt + LUKS, with pass-phrase and > various key options (similar to a more manual and CLI like Windows > BitLocker). Does the job well, but tough upfront learning curve > > -- > Jeremy MountainJohnson > Jeremy.MountainJohnson at gmail.com > > > On Fri, Feb 28, 2014 at 3:59 AM, gregrwm <tclug1 at whitleymott.net> wrote: >> agreed. afterall anything is possible. but little is likely. >> >> you can be as paranoid as you like. or, you can try relaxing a bit. >> >> but logic can't cure paranoia. humor perhaps has a better chance. hence >> >> "just because you're paranoid doesn't mean they're not out to get you!" >> >> >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >> > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list >