Should I encrypt my entire hard drive or just my /home directory?

but a motivated actor, WILL get to that data if you only encrypt home.

While I have done a bit of Pen Testing, it was multiple years ago, targeting Windows systems and not Linux ones, so this is well outside my specialty.

With that said, if you have no swap file (so the decryption key is not written to disk), and you are simply trying to keep copies of documents encrypted, I would have assumed the chances of decryption would be relatively small.

Reason being is that most programs you open should not be able to write outside of /home/USER meaning that the only traces would be left by the OS itself.

How would you go about decrypting the /home directory if there was no swap, or otherwise finding a copy of a document opened recently?

/r/archlinux Thread Parent