From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <themuso@opentts.org>
Received: from nschwmtas05p.mx.bigpond.com (nschwmtas05p.mx.bigpond.com
	[61.9.189.149])
	by speech.braille.uwo.ca (Postfix) with ESMTP id 1A123C1A193
	for <speakup@braille.uwo.ca>; Mon, 28 Feb 2011 00:49:20 -0500 (EST)
Received: from nschwotgx02p.mx.bigpond.com ([124.189.85.102])
	by nschwmtas05p.mx.bigpond.com with ESMTP id
	<20110228054918.OPYW11322.nschwmtas05p.mx.bigpond.com@nschwotgx02p.mx.bigpond.com>
	for <speakup@braille.uwo.ca>; Mon, 28 Feb 2011 05:49:18 +0000
Received: from localhost ([124.189.85.102]) by nschwotgx02p.mx.bigpond.com
	with ESMTP
	id <20110228054917.ZRJK13035.nschwotgx02p.mx.bigpond.com@localhost>
	for <speakup@braille.uwo.ca>; Mon, 28 Feb 2011 05:49:17 +0000
Date: Mon, 28 Feb 2011 16:49:17 +1100
From: Luke Yelavich <themuso@opentts.org>
To: speakup@braille.uwo.ca
Subject: Re: encryption of partitions/lvm without speakup
Message-ID: <20110228054917.GA10311@strigy.yelavich.home>
References: <20110227214337.GA8462@romuald.net.eu.org>
	<4D6B17E8.2070608@pcdesk.net> <20110228040719.GB10613@gmx.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20110228040719.GB10613@gmx.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-RPD-ScanID: Class unknown; VirusThreatLevel unknown, RefID
	str=0001.0A150202.4D6B375D.019D,ss=1,fgs=0
X-SIH-MSG-ID: 
 rh47ENzuXAD+xmdwjjHvOFR+k1juqHU74J0WRdJsoAQQSVjCucPOPpX9Y9UUk57k3C5MMxCBN2sha7zmXY7QiA==
X-BeenThere: speakup@braille.uwo.ca
X-Mailman-Version: 2.1.13
Precedence: list
Reply-To: "Speakup is a screen review system for Linux."
	<speakup@braille.uwo.ca>
List-Id: "Speakup is a screen review system for Linux."
	<speakup.braille.uwo.ca>
List-Unsubscribe: <http://speech.braille.uwo.ca/mailman/options/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=unsubscribe>
List-Archive: <http://speech.braille.uwo.ca/pipermail/speakup>
List-Post: <mailto:speakup@braille.uwo.ca>
List-Help: <mailto:speakup-request@braille.uwo.ca?subject=help>
List-Subscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=subscribe>
X-List-Received-Date: Mon, 28 Feb 2011 05:49:21 -0000

On Mon, Feb 28, 2011 at 03:07:19PM EST, Alex Snow wrote:
> What about just encrypting a separate partition containing just your 
> home directories, then arange for that partition to be mounted late in 
> the boot process after you have everything related to speach already 
> started?

Ecryptfs was designed for this very purpose, and when properly integrated, there is no having to deal with keys, the pam authentication framework deals with authenticating, and ecryptfs does the rest.

Note you need to encrypt swap as well for things to be totally secure.

Luke