I wrote the wiki page https://wiki.ubuntu.com/EncryptedFilesystemHowto3 to show how to encrypt swap and home with LUKS on Ubuntu 6.06 and 5.10
hope you will find it useful
bye
I wrote the wiki page https://wiki.ubuntu.com/EncryptedFilesystemHowto3 to show how to encrypt swap and home with LUKS on Ubuntu 6.06 and 5.10
hope you will find it useful
bye
nice how-to. didnt know encrypted swap was so easy to set up.
can you add how to do the same when home is a file, not a partition?
and if you know, how to integrate this with pam, so login pass will be accepted as mount-pass.
That looks great. I am going to have to try it out when I have some spare time.
what's a troll? | my blog | my writing | Ubuntu Unleashed
Don't ask support questions in PMs--post a thread so everyone can benefit!
Very nice!!!
Would be also wonderful to have a wiki including a fully encrypted ubuntu system...
look here:Originally Posted by ways
- Rene Mayrhofer's blog - Encrypted home directories
- Linux Journal - Implementing Encrypted Home Directories
However, I won't use PAM, because I think that a good encryption password (diceware.com) isn't a good login/root password; in fact, I prefer to have a long (around 40 chars) encryption password to be used one time, and a mildly long (around 15 chars) system password to be used every time I need.
thanks. those links really helped. but does anyone else get problems with ownership?
volume * crypt - /home/.&.img /home/& loop,user,exec - -
in pam_mount
after mount root owns my home. tried adding uid=&, but apparently ext3 (which i used) does not allow this option.
Will this destroy anything in the home folder? Should I start with a clean system before puting anything on it?
works now. dont think i changed anything.Originally Posted by ways
it will, if you follow the guide and reformat a home partition. but if you choose to create a file to keep "home" in, you can do it without deleting anything.Will this destroy anything in the home folder? Should I start with a clean system before puting anything on it?
I've updated the guide to better explain home data preservation.Originally Posted by ways
From the guide, warnings section:
encrypting a partition is a destructive operation; then, your new home partition (/dev/hda3) must be empty, because all data on it will be erased.
unencrypted data on the old home directory won’t be deleted and will be accessible, for example, with a live CD; then, you shouldn't put any sensible data on home before encrypting.
otherwise, if you have sensible data to delete securely from the old unencrypted home, you should shred the old home directory.
if the partition containing the old home directory is formatted with a journaled file system (JFS, ReiserFS, XFS, Ext3, etc.), you must boot with a live CD and shred the entire partition containing the old home directory.
if the shredded partition is the partition containing the OS, reinstall ubuntu, and finally mount the previously created encrypted home.
references for secure deletion:
http://man.linuxquestions.org/index....pe=2§ion=1
http://www.cs.auckland.ac.nz/~pgut00...ecure_del.html
anyone else lost suspend & hibernate after doing this?
Bookmarks