Fedora Workstation Aiming To Improve Encryption, Possibly Encrypted Disk By Defa...
source link: https://www.phoronix.com/news/Fedora-WS-Encryption-Plans-2023
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Fedora Workstation Aiming To Improve Encryption, Possibly Encrypted Disk By Default In The Future
Fedora Workstation developers and those involved at Red Hat have been working to improve the state of disk encryption on Fedora with a end-goal of possibly making the installer encrypt systems by default.
While many Linux distributions allow for full-disk encryption these days, not many distributions enable it by default (Pop!_OS being among the rare that actively encourage it) while it looks like in the future Fedora Workstation could default to having its installer encrypt the disk.
The Fedora Workstation plan would be to use the upcoming Btrfs fscrypt support for encrypting both the system and home directories. Fedora Workstation in the future could by default enable Btrfs FSCRYPT system and home directory encryption and store the keys in the TPM.More details on these tentative plans -- that are still subject to change and timing as well as needing formal FESCo approval -- can be found via this mailing list thread and the Fedora Discussion.
Overall this is a good move for Fedora Workstation. Especially for laptops I for years have actively encouraged making use of disk encryption. Especially with modern processors and storage drives, encryption costs are very low and worthwhile for those actively taking their laptops with them as well as other desktops/workstations with sensitive data to physical theft, etc. It will be interesting to see how (and when) the Fedora encryption-by-default plans materialize.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK