Configuring Encrypted Volumes &d-i; allows you to set up encrypted partitions. Every file you write to such a partition is immediately saved to the device in encrypted form. Access to the encrypted data is granted only after entering the passphrase used when the encrypted partition was originally created. This feature is useful to protect sensitive data in case your laptop or hard drive gets stolen. The thief might get physical access to the hard drive, but without knowing the right passphrase, the data on the hard drive will look like random characters. The two most important partitions to encrypt are: the home partition, where your private data resides, and the swap partition, where sensitive data might be stored temporarily during operation. Of course, nothing prevents you from encrypting any other partitions that might be of interest. For example /var where database servers, mail servers or print servers store their data, or /tmp which is used by various programs to store potentially interesting temporary files. Some people may even want to encrypt their whole system. The only exception is the /boot partition which must remain unencrypted, because currently there is no way to load the kernel from an encrypted partition. Please note that the performance of encrypted partitions will be less than that of unencrypted ones because the data needs to be decrypted or encrypted for every read or write. The performance impact depends on your CPU speed, chosen cipher and a key length. To use encryption, you have to create a new partition by selecting some free space in the main partitioning menu. Another option is to choose an existing partition (e.g. a regular partition, an LVM logical volume or a RAID volume). In the Partition settings menu, you need to select physical volume for encryption at the Use as: option. The menu will then change to include several cryptographic options for the partition. &d-i; supports several encryption methods. The default method is dm-crypt (included in newer Linux kernels, able to host LVM physical volumes), the other is loop-AES (older, maintained separately from the Linux kernel tree). Unless you have compelling reasons to do otherwise, it is recommended to use the default. First, let's have a look at the options available when you select Device-mapper (dm-crypt) as the encryption method. As always: when in doubt, use the defaults, because they have been carefully chosen with security in mind. Encryption: aes This option lets you select the encryption algorithm (cipher) which will be used to encrypt the data on the partition. &d-i; currently supports the following block ciphers: aes, blowfish, serpent, and twofish. It is beyond the scope of this document to discuss the qualities of these different algorithms, however, it might help your decision to know that in 2000, AES was chosen by the American National Institute of Standards and Technology as the standard encryption algorithm for protecting sensitive information in the 21st century. Key size: 256 Here you can specify the length of the encryption key. With a larger key size, the strength of the encryption is generally improved. On the other hand, increasing the length of the key usually has a negative impact on performance. Available key sizes vary depending on the cipher. IV algorithm: cbc-essiv:sha256 The Initialization Vector or IV algorithm is used in cryptography to ensure that applying the cipher on the same clear text data with the same key always produces a unique cipher text. The idea is to prevent the attacker from deducing information from repeated patterns in the encrypted data. From the provided alternatives, the default cbc-essiv:sha256 is currently the least vulnerable to known attacks. Use the other alternatives only when you need to ensure compatibility with some previously installed system that is not able to use newer algorithms. Encryption key: Passphrase Here you can choose the type of the encryption key for this partition. Passphrase The encryption key will be computed Using a passphrase as the key currently means that the partition will be set up using LUKS. on the basis of a passphrase which you will be able to enter later in the process. Random key A new encryption key will be generated from random data each time you try to bring up the encrypted partition. In other words: on every shutdown the content of the partition will be lost as the key is deleted from memory. (Of course, you could try to guess the key with a brute force attack, but unless there is an unknown weakness in the cipher algorithm, it is not achievable in our lifetime.) Random keys are useful for swap partitions because you do not need to bother yourself with remembering the passphrase or wiping sensitive information from the swap partition before shutting down your computer. However, it also means that you will not be able to use the suspend-to-disk functionality offered by newer Linux kernels as it will be impossible (during a subsequent boot) to recover the suspended data written to the swap partition. Erase data: yes Determines whether the content of this partition should be overwritten with random data before setting up the encryption. This is recommended because it might otherwise be possible for an attacker to discern which parts of the partition are in use and which are not. In addition, this will make it harder to recover any leftover data from previous installations It is believed that the guys from three-letter agencies can restore the data even after several rewrites of the magnetooptical media, though. . If you select Encryption method: Loopback (loop-AES) , the menu changes to provide the following options: Encryption: AES256 For loop-AES, unlike dm-crypt, the options for cipher and key size are combined, so you can select both at the same time. Please see the above sections on ciphers and key sizes for further information. Encryption key: Keyfile (GnuPG) Here you can select the type of the encryption key for this partition. Keyfile (GnuPG) The encryption key will be generated from random data during the installation. Moreover this key will be encrypted with GnuPG, so to use it, you will need to enter the proper passphrase (you will be asked to provide one later in the process). Random key Please see the the section on random keys above. Erase data: yes Please see the the section on erasing data above. Please note that the graphical version of the installer still has some limitations when compared to the textual one. For cryptography it means you can set up only volumes using a passphrase as the encryption key. After you have selected the desired parameters for your encrypted partitions, return back to the main partitioning menu. There should now be a new menu item called Configure encrypted volumes. After you select it, you will be asked to confirm the deletion of data on partitions marked to be erased and possibly other actions such as writing a new partition table. For large partitions this might take some time. Next you will be asked to enter a passphrase for partitions configured to use one. Good passphrases should be longer than 8 characters, should be a mixture of letters, numbers and other characters and should not contain common dictionary words or information easily associable with you (such as birthdates, hobbies, pet names, names of family members or relatives, etc.). Before you input any passphrases, you should have made sure that your keyboard is configured correctly and generates the expected characters. If you are unsure, you can switch to the second virtual console and type some text at the prompt. This ensures that you won't be surprised later, e.g. by trying to input a passphrase using a qwerty keyboard layout when you used an azerty layout during the installation. This situation can have several causes. Maybe you switched to another keyboard layout during the installation, or the selected keyboard layout might not have been set up yet when entering the passphrase for the root file system. If you selected to use methods other than a passphrase to create encryption keys, they will be generated now. Because the kernel may not have gathered a sufficient amount of entropy at this early stage of the installation, the process may take a long time. You can help speed up the process by generating entropy: e.g. by pressing random keys, or by switching to the shell on the second virtual console and generating some network and disk traffic (downloading some files, feeding big files into /dev/null, etc.). This will be repeated for each partition to be encrypted. After returning to the main partitioning menu, you will see all encrypted volumes as additional partitions which can be configured in the same way as ordinary partitions. The following example shows two different volumes. The first one is encrypted via dm-crypt, the second one via loop-AES. Encrypted volume (sda2_crypt) - 115.1 GB Linux device-mapper #1 115.1 GB F ext3 Loopback (loop0) - 515.2 MB AES256 keyfile #1 515.2 MB F ext3 Now is the time to assign mount points to the volumes and optionally change the file system types if the defaults do not suit you. One thing to note here are the identifiers in parentheses (sda2_crypt and loop0 in this case) and the mount points you assigned to each encrypted volume. You will need this information later when booting the new system. The differences between ordinary boot process and boot process with encryption involved will be covered later in . Once you are satisfied with the partitioning scheme, continue with the installation.