Rarely a thing as “secure by default” so I’m curious to what steps the “security freaks” take during and after installation to go that extra mile on security/anti-forensics.
Obviously FDE, but do people use other options than LVM with FDE?
Second SSD with “tougher” security for “special VMs”?
Any other hardening tips for desktops?
Would be interesting to hear, both to implement some myself as well as self education in the realm of security.
These theads may interest you:
This one is from the read-only mirror list copy: (so you won’t be able to reply)
Yeah some good information there as well as this one:
Was looking for some more steps though. Like, disk layout for example.
Is single disk with LVM+luks what most do (alternatives?)?
Multi disk/partition with tougher encryption for vault(s)?
Yubikey integration with luks sounds like a good idea, but haven’t found much information about doing so in qubes-os.