>Veracrypt >Want to encrypt my entire laptop. >Among the main 500 GB drive on the "select which partition to encrypt" list are several other partitions that are various mbs. 150 mbs, 50 mbs, 200 mbs, 43 mbs, etc. >About five different ones.
If I encrypt the main one but leave the others unencrypted, is it a security risk? Do any of those partitions contain my hard drive encryption password?
If I encrypt the smaller partitions too, what happens? Will anything stop working?
I recommend using dm-crypt with LUKS. Archwiki has a good guide on encrypting your whole system (all partitions expect /boot)
Aaron Harris
Too complicated. Not GUI-based. Knowing it's Linux/open source, many parts of it are likely to be broken or incompatible, assuming anyone learns the esoteric coding language/command prompt crap to use it.
Austin Edwards
It's the best encrypting option out there for full partitions, but whatever. It really is quite simple to use
Jonathan Moore
> Do any of those partitions contain my hard drive encryption password?
There is no "encryption password". That's not how it works.
Bentley Morris
It sounds like you shouldn't be using a computer at all.
Benjamin Green
>Heh, can't fly a plane? Sounds like you shouldn't drive a car
Ryan Evans
>He's a retard Was getting caught part of your plan?
David Taylor
If I cut that vein off he would die?
Samuel Hughes
Completely useless. You get busted, then they'll just hold you indefinitely until you decrypt.
Veracrypt offers hidden volumes, which dm-crypt lacks. Anyone stating hidden volumes aren't ideal are just NSA/FBI trying to prevent people from using something that actually works.
Nathaniel Hernandez
They're Tendons.
Andrew Allen
Stop pretending you know what you're talking about. Seriously. Leave.
Wyatt Russell
Stop pretending YOU know what you're talking about. Many have requested hidden system/volumes for dm-crypt, but the dev has refused to implement it. Fuck off.
Cooper Ortiz
Do you have a mail listing of the developers getting shit for that? I don't claim you're a liar, but evidence is the best way to troll lincuck fanatics.
Eli Perez
Nevermind, after googling it again it seems there is something available for it called deLUKS.
>DeLUKS provides most benefits of LUKS and of plausibly deniable encryption. The DeLUKS header is specified to be indistinguishible from random data. This is like Truecrypt header, but with GRUB support, multiple keyslots and (to be implemented) an evolutive protection against brute-forcing.
Nathaniel Thomas
Alright, I'll explain it to you. You're talking about headers, yet you're complaining about dm-crypt. dm-crypt has no headers. That would be LUKS, which uses dm-crypt. You cannot identify a device as a "dm-crypt" device or volume. Now please, get off my board.
Alexander Parker
yes.
the only way you can have a secure boot is if you use secureboot with a M$ signed (or your own PKI and signed shit) EFI bootloader which verifies the integrity of whatever kernel you are booting.
Tyler Powell
>yet you're complaining about dm-crypt I'm complaining about dm-crypt+LUKS not offering plausibly deniable. You can go be autistic about word usage elsewhere.
Xavier Bennett
Bane?
Zachary Nelson
>vein It's a tendon/muscle
Levi Roberts
cryptsetup + luks?
Wyatt Brown
This
Ryan Campbell
That's not a vein it's a tendon you stupid fucking bitch.