Recently, I've been building systems using Linux's Logical Volume Manager (LVM) and XFS filesystems. While LVM adds a layer of indirection to disk access, it has offers significant benefits. Primarily, I've been taking advantage of this combination to back up filesystems on production servers. Using xfs_freeze to suspend disk activity, then quickly creating a snapshot of the filesystem with LVM, I can then resume activity on the production server while I copy the snapshot filesystem to a remote backup location. LVM has a large number of other features, but its snapshot abilitity has been the largest win for me.
I'm using the same mapping code in the 2.6 Linux kernels to encrypt all the partitions on my laptop. The Debian cryptsetup package uses dmsetup to provide encrypted partitions. Compared to using cryptoloop (deprecated) or loop-aes (requires modified losetup and mount), dmsetup is nearly trivial to use. In a very short period of time, I've converted my Debian laptop to use an encrypted root partition, encrypted swap partition, and encrypted LVM physical volume. I created my local data partitions as logical volumes on the encrypted LVM physicial volume. All this was quite painless to setup. Operation is similarly simple: the cryptdisk init script asks for the passphrases of the encrypted partitions upon booting.
While it's been 14 years since my last laptop was stolen, I'm reassured knowing my system is strongly encrypted if such misfortune recurs.
