Re: ext3 or ext4 ? Encrypt ?
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
On Tue, 2009-08-25 at 09:59 -0700, Rick Stevens wrote: > Micros50 wrote: > > When doing a fresh install and making new partitions I was greeted with > > some new options that I had never seen before. namely the option to use > > the newer ext4 file system and, the option to encrypt a file system. > > > > In my case I decided to go with ext4 except for the/boot partition in > > which they recommended sticking with ext3. So far so good, no issues > > with using ext4. I also decided to encrypt two partitions. So far so > > good. > > > > Wonder if anyone else feels it's best to go with these new options or > > stick with the old options ? > > > > Whatever the choice I just want to make sure my system sticks > > together... :) Hah. > > ext4 does give you some performance enhancements. It does have the same > caveat that ext3 has though, in that it's not built into the kernel by > default so it has to be in your initrd image when booting. Also, grub > does not grok ext4, though, which is why the /boot partition must be > ext2 or ext3. > > Encryption has been around quite a while. The only thing different here > is that it's offered as part of Anaconda's setup. It is purely > optional and IMHO rather useless except on removable media. > > It introduces a performance hit (albeit minor) that will slow down > access to encrypted filesystems and puts a bit more load on the CPU. > For those reasons, I wouldn't use it on filesystems that are used for > high I/O (e.g. a database or the destination of a video encoder). > > The fact you have to enter the passphrase for it when mounting makes > it difficult to use for remotely managed machines (e.g. servers in a > data center somewhere) and it really doesn't offer much security. If > someone cracks into your system while it's mounted, it's a moot point. > > If you want to encrypt a filesystem on removable media (e.g. a FLASH > drive, USB or firewire drive), then it can make some sense, but not > otherwise. > > That's just my opinion. I could be wrong. So, in other words on a hard disk that is installed in the system itself encrypting the disc accomplishes little, unless of course someone were to physically steal the computer or, steal the drive itself. Nonetheless, I did, perhaps foolishly, encrypt a couple of my partitions just to see if it does work and/or if there are any bizarre issues. Thus far, other than having to answer a password, the encryption is more or less transparent, i.e. everything works as normal. However, on my next install/upgrade, I might just opt to go without the encryption. Of course it depends on whether or not I'm in a cryptic mood. Hah hah. :) Ciao John _______________________________________________ Redhat-install-list mailing list Redhat-install-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@xxxxxxxxxx Subject: unsubscribe