How to Enable Full Disk Encryption on Rocky Linux 9

Written by David Worthington on June 30, 2023

In today’s digital age, individuals and organizations are dealing with increasingly sensitive and confidential information. This includes personally identifiable information (PII), banking information, medical records, and trade secrets, and the leakage of that information can lead to significant losses or risks.

Encryption has become a necessary technology to protect this sensitive data. The basic principle of encryption is to transform data into an unreadable form and protect it using a key. Only those who possess the correct key can decrypt and access the data. This ensures that data is not accessed or stolen without authorization during transmission and storage.

Specifically, Full Disk Encryption (FDE) encrypts the entire hard drive, protecting all data stored on it. If the computer is stolen or physically compromised, the data on the disk cannot be read without the key. Encryption can also help meet the data protection and security requirements of certain industries and governments.

Encryption is a necessary means of protecting data in the digital age: it supports personal privacy, prevents data leakage, guards against hacker attacks, and helps meet regulatory compliance requirements.

What is Full Disk Encryption (FDE)? 

Full disk encryption (FDE) means encrypting the entire contents of a storage device, such as a hard drive or solid-state drive. It ensures the whole disk (including the operating system, system files, applications, and user data) is protected from unauthorized access. Encrypting the entire disk provides a comprehensive security measure, even if the storage device is physically stolen or compromised.

FDE on Rocky Linux 9    

Enabling FDE on Rocky Linux 9 is straightforward. The Anaconda installer program provides a simple “Encrypt my data” option when partitioning disks.

If you already have a running instance of Rocky Linux 9 and want to enable full disk encryption, you need to reinstall it. An installed system cannot be fully encrypted after the fact; after installation, encryption can only be applied to individual directories or partitions.

If you forget your encryption passphrase, all of your data will be inaccessible. Choose a passphrase that you can easily remember, or store it in a password vault or manager.

Before starting this process, make sure to back up any critical data that may be lost during the reinstallation process.

How to Enable Full Disk Encryption on Rocky Linux 9 

The steps below skip the early stages of the Rocky Linux 9 installation and start at the “Installation Summary” screen.

On the INSTALLATION SUMMARY screen, click “Installation Destination”.

Select the disk you want to install the system on, select “Automatic” under “Storage Configuration”, check “Encrypt my data”, and click “Done”.

In the window that pops up, set the passphrase and click “Save Passphrase”. The passphrase is necessary to access your data.

Next, return to the “INSTALLATION SUMMARY” screen and click “KDUMP”.

In KDUMP Settings, select “Enable kdump”, set “Kdump Memory Reservation” to “Automatic”, and click “Done”.

Then go back to the “INSTALLATION SUMMARY” screen, scroll down, and click “root password” to set your root password.

Set your password in the input box and click “Done”.

Click “Begin Installation” to start the installation. After the installation is complete, click “Reboot System” to restart the system.

When the system boots, enter your passphrase to unlock the disk and start the system.
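
After the first boot you can confirm which filesystems actually sit on the encrypted volume. The script below is an added example, not part of the original tutorial: it parses `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINT` output and marks each mounted filesystem and swap area as encrypted or PLAINTEXT. The function names and the sample device layout are constructed for illustration; the sample assumes a layout in which /boot and the EFI partition sit outside the LUKS container.

```shell
#!/bin/sh
# Added example (not from the original tutorial): list every mounted
# filesystem and swap area and say whether a LUKS ("crypt") layer is beneath it.

# Constructed sample of `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINT` output.
# Assumed layout: boot partitions outside LUKS, LVM root and swap inside it.
sample_lsblk() {
    cat <<'EOF'
KNAME="sda" PKNAME="" TYPE="disk" MOUNTPOINT=""
KNAME="sda1" PKNAME="sda" TYPE="part" MOUNTPOINT="/boot/efi"
KNAME="sda2" PKNAME="sda" TYPE="part" MOUNTPOINT="/boot"
KNAME="sda3" PKNAME="sda" TYPE="part" MOUNTPOINT=""
KNAME="dm-0" PKNAME="sda3" TYPE="crypt" MOUNTPOINT=""
KNAME="dm-1" PKNAME="dm-0" TYPE="lvm" MOUNTPOINT="/"
KNAME="dm-2" PKNAME="dm-0" TYPE="lvm" MOUNTPOINT="[SWAP]"
EOF
}

# Reads lsblk -P output on stdin, prints "<mountpoint> encrypted|PLAINTEXT".
fde_report() {
    awk '
    {
        # Split KEY="value" pairs into the array f.
        split("", f); line = $0
        while (match(line, /[A-Z]+="[^"]*"/)) {
            pair = substr(line, RSTART, RLENGTH); eq = index(pair, "=")
            f[substr(pair, 1, eq - 1)] = substr(pair, eq + 2, length(pair) - eq - 2)
            line = substr(line, RSTART + RLENGTH)
        }
        k = f["KNAME"]; parent[k] = f["PKNAME"]; dtype[k] = f["TYPE"]
        if (f["MOUNTPOINT"] != "") mount[k] = f["MOUNTPOINT"]
    }
    END {
        for (k in mount) {
            state = "PLAINTEXT"
            # Walk up the parent chain; a "crypt" ancestor means LUKS is below.
            for (d = k; d != ""; d = parent[d])
                if (dtype[d] == "crypt") { state = "encrypted"; break }
            print mount[k], state
        }
    }' | sort
}

# --live inspects this machine; the default runs the constructed sample.
if [ "${1:-}" = "--live" ]; then
    lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINT | fde_report
else
    sample_lsblk | fde_report
fi
```

Run it with `--live` on the installed system to check the real layout; a PLAINTEXT line for anything other than the boot partitions means that data is stored outside the encrypted volume.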

Improve your User and Device Security with FDE + JumpCloud 

While full disk encryption provides strong protection for data at rest, additional security measures like secure password management, regular software updates, and secure network connections should be implemented to ensure overall data security. While you can certainly manage these additional tasks, JumpCloud provides an easier way. Our open directory platform allows you to manage all your users and devices, including their security, SSO, and updates, in a single pane of glass. 

David Worthington

I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.
