From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-133179-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RhmTG-0004uj-O7
	for garchives@archives.gentoo.org; Mon, 02 Jan 2012 18:18:55 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 6186C21C187;
	Mon,  2 Jan 2012 18:18:36 +0000 (UTC)
Received: from mail-vw0-f53.google.com (mail-vw0-f53.google.com [209.85.212.53])
	by pigeon.gentoo.org (Postfix) with ESMTP id 97DE521C31C
	for <gentoo-user@lists.gentoo.org>; Mon,  2 Jan 2012 18:16:59 +0000 (UTC)
Received: by vbih1 with SMTP id h1so5041838vbi.40
        for <gentoo-user@lists.gentoo.org>; Mon, 02 Jan 2012 10:16:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=11ZRVUhze0OG33ofP/iHczOHsa6E8FyiL/QBAy07eHE=;
        b=Mwe+wLeA3ukNTGNlPTJ2zgobYYgrWcwwR4xJSfbpveCTilJoR6VPiH4ycb7lfLu2WA
         ct9uMKGrtCm3CIabqNhMtVer69Lg6rU06kgtHiYGvz9jawHI+q+YIxNUvmCIEzrC0VEJ
         wEuNWf3wMlE4fKKHlVUj+97hktfrEZ+rTXV3E=
Received: by 10.52.36.166 with SMTP id r6mr10871398vdj.53.1325528219174; Mon,
 02 Jan 2012 10:16:59 -0800 (PST)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.52.163.35 with HTTP; Mon, 2 Jan 2012 10:16:38 -0800 (PST)
In-Reply-To: <20120102170648.13824f89@hactar.digimed.co.uk>
References: <201201020907.55698.stephane@22decembre.eu> <4F01A4F8.50209@binarywings.net>
 <20120102125803.686b65eb@digimed.co.uk> <201201021412.31844.stephane@22decembre.eu>
 <20120102132931.36bbfd6f@digimed.co.uk> <4F01BE82.1010601@binarywings.net> <20120102170648.13824f89@hactar.digimed.co.uk>
From: Kfir Lavi <lavi.kfir@gmail.com>
Date: Mon, 2 Jan 2012 20:16:38 +0200
Message-ID: <CAHNvW1L7861ffDp6EsfCJUXn=koiH-pTPi1EwKZLRniM=xFEgw@mail.gmail.com>
Subject: Re: [gentoo-user] crypt my home repository
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=20cf3079bb18a4c63604b58f96dc
X-Archives-Salt: d09ef877-de4f-4bcf-9657-94d87c0570c9
X-Archives-Hash: 0a41bb7eaee2380a6bdb6e432847ac32

--20cf3079bb18a4c63604b58f96dc
Content-Type: text/plain; charset=UTF-8

On Mon, Jan 2, 2012 at 7:06 PM, Neil Bothwick <neil@digimed.co.uk> wrote:

> On Mon, 02 Jan 2012 15:26:10 +0100, Florian Philipp wrote:
>
> > > In that case, you probably want to use encfs to encrypt each home
> > > directory separately. dmcrypt works on block devices, so a single home
> > > partition would have a single password.
>
> > dmcrypt supports multiple simultaneous passwords (I think 4 or something
> > like that). Of course, then every user can unlock every home directory
>
> Which is why I recommended ecryptfs (I've only just noticed that the
> previous posts mentioned encfs, that's a FUSE filesystem that is
> unnecessary now the kernel have ecryptfs included).
>
>
Thanks,
I didn't know about that.
I'll try that, as I'm using encfs, and basically it works flawlessly.
But running without fuse, is better.

Kfir


> It's not the multiple passwords, it's separately locking each user's
> data.
>
> --
>
> Neil Bothwick
>
> Guillotine operator wanted. Chance to get ahead.
>

--20cf3079bb18a4c63604b58f96dc
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><br><div class=3D"gmail_quote">On Mon, Jan 2, 2012 at =
7:06 PM, Neil Bothwick <span dir=3D"ltr">&lt;<a href=3D"mailto:neil@digimed=
.co.uk">neil@digimed.co.uk</a>&gt;</span> wrote:<br><blockquote class=3D"gm=
ail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-le=
ft:1ex">

<div class=3D"im">On Mon, 02 Jan 2012 15:26:10 +0100, Florian Philipp wrote=
:<br>
<br>
&gt; &gt; In that case, you probably want to use encfs to encrypt each home=
<br>
&gt; &gt; directory separately. dmcrypt works on block devices, so a single=
 home<br>
&gt; &gt; partition would have a single password.<br>
<br>
&gt; dmcrypt supports multiple simultaneous passwords (I think 4 or somethi=
ng<br>
&gt; like that). Of course, then every user can unlock every home directory=
<br>
<br>
</div>Which is why I recommended ecryptfs (I&#39;ve only just noticed that =
the<br>
previous posts mentioned encfs, that&#39;s a FUSE filesystem that is<br>
unnecessary now the kernel have ecryptfs included).<br>
<br></blockquote><div><br>Thanks,<br>I didn&#39;t know about that. <br>I&#3=
9;ll try that, as I&#39;m using encfs, and basically it works flawlessly. <=
br>But running without fuse, is better. <br><br>Kfir<br>=C2=A0<br></div><bl=
ockquote class=3D"gmail_quote" style=3D"margin:0pt 0pt 0pt 0.8ex;border-lef=
t:1px solid rgb(204,204,204);padding-left:1ex">


It&#39;s not the multiple passwords, it&#39;s separately locking each user&=
#39;s<br>
data.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
<br>
Neil Bothwick<br>
<br>
Guillotine operator wanted. Chance to get ahead.<br>
</font></span></blockquote></div><br></div>

--20cf3079bb18a4c63604b58f96dc--