@movq@www.uninformativ.de I get it. I wouldn’t set this up for anyone else. Systems that are on all the time don’t benefit as much from at-rest encryption, anyway. This is definitely an interesting solution, however, and it has worked well for me in the past 1-2 weeks. We’ll see how it goes in 1-2 years.

⤋ Read More

@movq@www.uninformativ.de I reworked the paragraph about security and improved that sentence. Hopefully it’s a little more clear.

However, the key on the unencrypted partition is only valid for the time it takes to reboot, assuming we reboot as soon as the script completes.

⤋ Read More

Participate

Login to join in on this yarn.