Y
Hacker News
new
|
ask
|
show
|
jobs
by
paavoova
2790 days ago
So do you not use FDE? I'd think that to protect data at rest, especially on a laptop, it's good practice to power down whenever you're away. Otherwise keys are just sitting there in memory.
1 comments
michaelmrose
2790 days ago
It's actually possible to suspend io to the encrypted data and remove the keys from ram and prompt for the passphrase at resume to unlock.
Check out go-luks-suspend
link
Check out go-luks-suspend