[CALUG] Opinions on whole Disk encryption (for Linux)
David A. Cafaro
dac at cafaro.net
Fri Feb 1 11:47:07 EST 2008
Ok, I wanted to solicit any experience/opinions on whole disk
encryption.
I will be implementing some form of whole disk encryption on a new
server being setup. I've already double the hardware (cpu/memory) to
help deal with the extra load that will be generated.
The idea is that on boot the system will start the encryption/
decryption process. When shutdown, the server will stop the
process. This way if for some reason the server is stolen (or a HD
fails and must be sent off for repairs/replacement) there is no fear
of the data being exposed.
I've started looking at loop-AES, but was curious if anyone else has
any experience with other solutions or this solution.
OpenSource/Free is preferred, and something that doesn't involve
messing with the kernel besides loading modules is required. Ideally
it would be built in to my distribution already and just require
setup/tweaking. The OS will be RHEL5.
Thanks,
David
David A. Cafaro <dac at cafaro.net>
Cafaro's Ramblings: www.cafaro.net
More information about the CALUG
mailing list