[ltp] Re: Good FS for laptop

Bob Toxen linux-thinkpad@linux-thinkpad.org
Tue, 1 Jun 2004 11:20:07 -0400 

I've been running PPDD on top of ext3 for my ThinkPad R31 for 1.5 years
with no problems, despite a few crashes (all but 2 being operator error).

PPDD is an encrypted file system available from:

     http://linux01.gwdg.de/~alatham/ppdd.html

It supports ext2, ext3, reiserfs and maybe more.  I run it on top of my
/home and /home2 partitions.  Thus, if my laptop is shut down and stolen
or lost, my business data is not lost.  Unless an encrypted file system
is mounted (with a password needed for mounting), all file system data,
including file names, is strongly encrypted and unavailable.

It does require some kernel patches be installed.  I don't build kernels
every day but I am a very experienced C programmer and it took me about
a day's effort to set up.

One also can have one's root file system encrypted due to some booting
tools that come with it.  (The risk of not encrypting the root file system
is that "deleted" temporary files can be found by hackers.  I periodically
run a script that fills up all free space on each file system and then
frees it to deal with this.)

Bob Toxen, CTO
Fly-By-Day Consulting, Inc.
"Your expert in Firewalls, Virus and Spam Filters, VPNs,
Network Monitoring, and Network Security consulting"
http://www.verysecurelinux.com       [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]
http://www.verysecurelinux.com/sunset.html                    [Sunset Computer]
bob@verysecurelinux.com (e-mail)

Author,
"Real World Linux Security: Intrusion Detection, Prevention, and Recovery"
2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
Also available in Japanese, Chinese, and Czech.

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

Public key available at http://www.verysecurelinux.com/pubkey.txt, keyservers,
  and on the CD-ROM that comes sealed and attached to Real World Linux Security
pub  1024D/E3A1C540 2000-06-21 Bob Toxen <book@realworldlinuxsecurity.com>
     Key fingerprint = 30BA AA0A 31DD B68B 47C9  601E 96D3 533D E3A1 C540
sub  2048g/03FFCCB9 2000-06-21