Actually, I see little need in encrypting the whole drive in Linux. I would suggest you use something like TrueCrypt. It is a very good, peer reviewed, open source program. I have used TrueCrypt before and have been happy with it. In Linux you can't currently encrypt the system partition however. This isn't a big problem with Linux as it would be in Windows. Data is scattered all over the Windows partition. In Linux you should have no data in the OS proper anyway, so it is easy to encrypt the data partition or partitions and still be safe. There is nothing in the OS itself worth protecting. OSs are a dime-a-dozen.
You gain nothing by encrypting the entire system, but you do loose the plausible deniability that encryption is in use. Looks a little strange to have a boot partition and seemingly empty partitions on your hard drive and no system showing to be able to run.
I don't use whole system encryption for that very reason.
If you look at my laptop it appears to be a simple unencrypted system. In fact, you would be hard pressed, even if you knew what you were doing, to prove, or even know for sure, there was anything else there.
I hate to have my first post on this forum give the impression that I'm only here to criticize, so let me phrase this constructively:
The statement above, that the system partition "/ or root" can't be encrypted, is simply incorrect. While it is true that Linux Mint does not as of yet support this feature at install, the distribution which Linux Mint is based on, Ubuntu, offers this from their alternate install install disk -- and has for quite a while: http://oei.yungchin.nl/2008/04/23/insta ... ncryption/
This shows it has been offered since at least April '08. And having just moved from a (totally except for /boot -- which is negligible) encrypted drive under Fedora 11 and Ubuntu 9.04, I can confirm that swap, root and everything else was running under an encrypted lvm. For those wishing to try it out:http://www.ubuntu.com/getubuntu/downloa ... #alternate
This capability was also mentioned in Husse's post, with an explanation as to why the feature -- which does other places exist -- has not been ported to Linux Mint: lack of resources. As concerns merely encrypting the home folder, this doesn't keep from raising eyebrows, as this passphrase must also be entered before the operating system is booted (using linux's encryption methods). Truecrypt is a wonderful program, and can even be used to have an encrypted dual-boot setup (system encryption on windows partititon/ luks setup on linux), without any issues. Besides, plausible deniability goes only so far; the moment they see that truecrypt is installed (on linux or windows), they'll assume that you have an encrypted parition somewhere, in which case whatever nasty things (blackmail, threats) they had already planned are not going away. This feature, as of my last time using Truecrypt, was also not available for Linux distributions. That is not to say I don't recommend using truecrypt on top of full system encryption (I mean, why not?), but the capabilities that Fred's discussing aren't quite ripe at the moment.
But the statement that no sensitive data is located (on Linux) in system files -- like in that terrible Windows OS -- is also untrue. Files that have been opened, edited, linked to startup programs, etc. make their way into swap, potentially into /tmp, which means that a non-encrypted system drive does indeed leave one's personal data to those with access to the root partition vulnerable.
Fred, I would encourage you to look into what you've said before. Besides, you were responding to someone who had already used the feature in Ubuntu...