Encrypted LVM in Debian Install - Is whole disk encrypted?

linux partitioning debian encryption lvm
5,826

Assuming you used the 'Guided - Use entire disk and Setup LVM', then YES the entire drive (well the LVM itself if that is not the entire drive, minus the /boot and potentially /boot/efi partitions).

As such the /home partition is thus part of the default setup in the LVM and indeed encrypted when the machine is shutdown, a key distinction here is 'shutdown' NOT 'suspended' or 'hibernated' as during these states details can/do live in RAM, while this may be non trivial for the average user to attempt leveraging on another user, it is still worth stating.

For Clarity, a default Debian install using the prescribed install logic has the following:

Partition Description
/boot unencrypted by default
/boot/efi unencrypted, even if separated from /boot
/ (root) encrypted, contains /etc, /var, /usr/*,/opt and all subdirectories contained in any of those directories mentioned.
swap encrypted, nowadays this is a swapfile mounted at a tmpfs mountpoint on MOST Linux OSes
/home encrypted, depends on the option in the guided that you take when prompted if this is separated or nested inside /, but in either case it defaults to encrypted in this case
Share:
5,826

Related videos on Youtube

user3330299
Author by

user3330299

Updated on September 18, 2022

Comments

  • user3330299
    user3330299 over 1 year

    I just installed Debian 9 with desktop environment to see if I can live using linux fairly exclusively. One item during the installation process to encrypt the LVM. I selected to do so and put in a passphrase. When the computer boots it prompts me for sda5_crypt passphrase as planned.

    However, is the entire hard drive encrypted or is only certain part of it encrypted that allows it to boot the drive that contains Debian? In other words, is my HOME directory encrypted when my computer is shut off or do I need to go through other measures in encrypting sensitive parts of the hard drive/partitions OR with the "encrypted LVM" option during installation it encrypts my home directory, etc directory, var, lib, etc?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Recovering overwritten LVM metadata
Recover data from formatted LVM (Luks, Ext3) after Ubuntu installed over it
Install Ubuntu 15.04 with full disk encryption, but without swap partition
How to expand an encrypted ubuntu partition with LVM
How does LUKS work?
How to migrate an encrypted LVM install to a new disk
Increase Swap in Ubuntu 18.04 Under Lvm and Encrypted File System
What's the easiest way to decrypt a disk partition?
Increase size in dev/sda
Merge LVM Partition with unallocated Space