ROSA Marathon is a Linux distribution derived from Mandriva Desktop. It is developed by ROSA Labs, a Linux solutions provider based in Moscow, Russia. ROSA Marathon 2012, the latest edition, was released just a few days ago. As a Mandriva-drived distribution, ROSA Marathon retains all the excellent graphical (management) applications of its parent distribution.
One of those applications, is the installer. While I will not necessarily describe it as an “excellent application”, it is one of the very few graphical installation programs with support for disk encryption, which is a very important feature to have and configure if you want to boost the physical security profile of your computer.
But while other graphical installers with support for disk encryption, like Anaconda, the Fedora system installer, for example, support encryption of all partitions other than the boot partition, it is not possible to encrypt the root partition with ROSA Marathon’s installer.
The following image shows what happens during disk partitioning if you mount a partition at /, the root partition’s mount point.
And if you decide to put the /usr directory on a separate partition, it, too, cannot be encrypted.
Same for the partition mounted at /var.
About the only major partition that the installer will allow you to encrypt, is the one mounted at /home, where all user home directories and folders are located.
So, does encrypting just the home partition offer the same level of physical security as encrypting everything? To a large extent, yes, because the net effect is that the system will not boot until the home partition’s encryption passphrase is specified. The image below shows what you will see anytime you boot the computer.
Anybody attempting to login will, after seven failed attempts, see this.
And even if the person knows the root password, there is still very little (s)he can do, hopefully, unless (s)he is a ninja Black Hat.