On Wednesday, June 24, 2020 10:20:55 PM David Wright wrote: > On Wed 24 Jun 2020 at 21:28:38 (-0400), rhkra...@gmail.com wrote: > > On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file > > system on a dedicated partition > > What were the contents of this partition: the OS itself, or /home, > or an independent filesystem that you'd probably mount under /media?
an independent filesystem mounted as a top level directory > Same this time around? yes > > (actually, two filesystems). > > Do you mean you did this twice, or what? Hm, I can elaborate a little: I have one filesystem / partition for my very sensitive private data, and a second to back that stuff up. (I have some scripts to allow me to easily open (and close) those filesystems -- when they open, the unencrypted content is put on a ramdisk (with the intent if somebody gets physical possession of the device (which is a desktop, not a laptop), the enencrypted data disappears on power off.) > > Laptops? Well, the Buster system is a laptop, Jessie is a desktop. I don't plan to put much, if any, sensitive data on the laptop. (I don't really even intend to take the laptop out of the house, especially during this Covid thing -- I installed Buster on it because I needed GCC 7+ and couldn't (easily) do that on the Wheezy or Jessie systems. > Do you use suspend? No. > Desktops? See above. > Do you boot them remotely? No, but they do stay up 24/7 unless there is a (longer that 2 minute (power is UPS supported)) power outage, or a (very rare) reboot.
