-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-06-27 18:18, Eva Star wrote:
> 3) I'm worry about hdd encryption by cryptosetup. Is it strong by
> default? We can not choose ALGs at installer...
It uses cryptsetup (LUKS/dm-crypt) under the hood. You can configure
the settings manually from the command line by following the
instructions here:
https://www.qubes-os.org/doc/encryption-config/
> 3.1) How can I change password for my LUKS drive ? Maybe docs page
> about that? 3.2) How can I reencrupt full disk with ALG? What ALG
> is used by default? 3.3) How to increase number of iterations to
> count password hash?
All three of these questions are answered (or should be answered) by
the cryptsetup man page and/or FAQ:
http://linux.die.net/man/8/cryptsetup
https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions
> 3.4.0) Is it possible to install other crpt.software to dom0 and
> make container to store vms on it (layer 2 for some vms)? Will QM
> work when vms not accessible before container will be mounted by
> user manually ?
This sounds like it falls under the "per-VM encryption" idea that has
been discussed extensively on these lists over the years. See this
issue, for example:
https://github.com/QubesOS/qubes-issues/issues/1293
> 5) "Files" not start every time when I click on shortcut to start
> it :-/ Time to time only after 3 clicks it starts.
Is it this?
https://github.com/QubesOS/qubes-issues/issues/2085
If so, looks like the fix is already in the testing repo.
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXcnEAAAoJENtN07w5UDAwXmkQAIXr/On/ctMU1Z1dbFWYApPs
2JqJTwkSmAY7aImAxjrlfdrvNL369pEdX1L8EurQJo4dYDZuXI/TEpp0eoh7+Bji
w+PdSNcgZvIDNG2WPJEwWS8QEnKl6TVxHjUpY4KbNvyAaXU2Uh2uXxkvKcj/yFrq
nC3YcRaSHIV2Cdf00GyRNrSeGMpguKNiR/V+ymyECdlhDRlVSEJTzuD2/iLT0Tbi
6wtdmdIsg2wiTYyCDokYrYF9qxEY+plQ9Do8F799Lxpy/Uzy/jFiSjhSs5pbQk4B
mOt6lXqTqNdsrCmJksPX0NvJswyshn0WeergJnDiJncyYCkiF2yvLV4dwgB1RXfH
fPmd5FTvh9y6exJBg93roCcNUQWYA23ZSjSGdSXi5nMDN97vV8fdOBdImZ7XODEQ
nZrfokQ2mhhbWlrDPn7UlLO/yPwgAL6/GXN8WtxDAXYcahcuy9d66eyf8YoGAJ/N
O4dcwTuNfV80Vc9hWzJYErfxxIbegBp5EF4OwE3zv6Y0qOg0iQasxzFa0C6Imh9M
7hNPQT6nDpMmSQ/FLJXkGeuAnawwkjjkTDEum1MDWL2kl+l5iUHATa6mLdVlRsGL
ncFsdyZAgL4yWdTaPR2U8Ibx1vK3D7/YF9o20kuHFmf7Mudj+vednklejOXvusRn
z+bw5QMlD/S4z7sw8F3x
=DgRg
-----END PGP SIGNATURE-----