| 1 |
On Thu, Jun 05, 2014 at 12:24:22AM +0100, Neil Bothwick wrote: |
| 2 |
> On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote: |
| 3 |
> |
| 4 |
> > I encrypt my home partition with LUKS and enter a passphrase |
| 5 |
> > during boot. But I always wanted to get decryption upon login running, |
| 6 |
> > especially because it would require me to enter one less password. But |
| 7 |
> > haven’t gotten around to that yet. |
| 8 |
> |
| 9 |
> Are you the only use of the computer? If so, set your display manager to |
| 10 |
> auto-login, you have already authenticated yourself by unlocking the home |
| 11 |
> partition. |
| 12 |
|
| 13 |
Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS |
| 14 |
passphrase is much more secure than my ancient user password anyway *hehe*. |
| 15 |
|
| 16 |
> > > With one notable exception. There is sometimes sensitive information |
| 17 |
> > > in /etc, like wireless passwords. |
| 18 |
> > |
| 19 |
> > For that reason I put this stuff into /home/etc/$hostname/ (I back up my |
| 20 |
> > machines’ /etc on all other machines, also to have a reference if I need |
| 21 |
> > to know “How did I do this on $other_host?”). And then I symlink to |
| 22 |
> > that from the real location, i.e.: |
| 23 |
> |
| 24 |
> I used to do that, now I have an encrypted /, which contains the keys for |
| 25 |
> any other encrypted volumes, so I still only need to enter one password. |
| 26 |
|
| 27 |
That falls into the category of using initrds which is also far down on my |
| 28 |
todo. I understand the mechanics and had played with dracut in the past, but |
| 29 |
nothing workable has come out of it yet. |
| 30 |
|
| 31 |
> Nothing is illegal if one hundred businessmen decide to do it. |
| 32 |
|
| 33 |
Like stealing taglines. >:-) |
| 34 |
|
| 35 |
-- |
| 36 |
Gruß | Greetings | Qapla’ |
| 37 |
Please do not share anything from, with or about me on any social network. |
| 38 |
|
| 39 |
Please notify me if you did not receive this message. |
Archives