I would like to secure my hard drive and user access with some sort of encryption.
I have a multiuser PC in our house that is used by all the family, what I would like to do is encrypt the
/home folder of the users either globally or individually.
I would also like to discuss the posibilities of the following within Ubuntu.
1. Decryption of entire /home provided a USB key with a valid GPG key is inserted at boot, drive remains
encrypted if key is not present.
2. Decryption of entire /home provided a GPG smartcard with a valid GPG key is inserted at boot, drive
remains encrypted if key is not present. What options are available if the smartcard fails.
3. Use of time based security token as password for each user, (one token per user) to decrypt users home
directory and login. Sudo should be able to access all accounts and reset token and add new tokens using
password.
What time based tokens are suitable for use with Ubuntu and where can you get them in the UK.
Ultimately I want to secure my PC's data should it be stolen, I would also like it to be fairly secure
when I the main user am away from the machine (i.e individual authentication tokens) but easy for other
users to have secure passwords that are easy to remember/enter (i.e. time based security token/GPG
smartcards).
Is there any discussion of these options or can we start this here.
Finally, I currently back-up all my data to a encrypted hard-drive that is held off site using
rdiff-backup, if the individual /home folders are encrypted how can I do this. Would global encryption of
/home be a better option or just encryption of sensitive /home accounts with a removable encryption key.
Adv Reply
Bookmarks