From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1DysZ2-0005j5-MQ
	for garchives@archives.gentoo.org; Sat, 30 Jul 2005 14:43:49 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j6UEg8R5005206;
	Sat, 30 Jul 2005 14:42:08 GMT
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.193])
	by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j6UEcdwc003121
	for <gentoo-user@lists.gentoo.org>; Sat, 30 Jul 2005 14:38:40 GMT
Received: by rproxy.gmail.com with SMTP id j1so1144643rnf
        for <gentoo-user@lists.gentoo.org>; Sat, 30 Jul 2005 07:39:30 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=ZJ0xX87Kq/SZV042tfGKeSPsBITRCy4G+6sOJsXBzSAb5ntHftz1OWqvUaCU+E1AsnzKjW1WymOG3Or8PgvLm/+xtYNtypiLIjKU1abRDZvYNM/0CpzM247agQGUIbdXUwNmIJ+mlRHK1I4D/X3w6aox1shzg6CiixFJaeQVqIE=
Received: by 10.38.101.12 with SMTP id y12mr129830rnb;
        Sat, 30 Jul 2005 07:39:30 -0700 (PDT)
Received: by 10.39.2.79 with HTTP; Sat, 30 Jul 2005 07:39:30 -0700 (PDT)
Message-ID: <fda4d1d405073007395071f693@mail.gmail.com>
Date: Sat, 30 Jul 2005 08:39:30 -0600
From: Hani Duwaik <kiawud@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Encripting /home
In-Reply-To: <42EB407B.9080102@asmallpond.org>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: inline
References: <200507272018.35098.pupeno@pupeno.com>
	 <200507280154.52878.mailing-gentoo@sailorferris.com>
	 <200507272148.11414.pupeno@pupeno.com>
	 <42EAA0B2.3010502@mid.email-server.info>
	 <42EB287C.8040402@asmallpond.org>
	 <42EB2CC7.2070701@mid.email-server.info>
	 <42EB407B.9080102@asmallpond.org>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by robin.gentoo.org id j6UEcdwc003121
X-Archives-Salt: 2e1d14f4-873e-468e-8cba-ac680ce0bd1e
X-Archives-Hash: 8e08178e396b22b2b2c42743b623dfaa

I'm not sure if anyone has covered this, but the following pdf was
very useful for me to encrypt my home dir:

www.flyn.org/docs/ehd.pdf

The interesting part was using openssl to encrypt the key and then
using your account's linux password to encrypt the openssl file.  This
way, you can change your account password and without having to change
the encrypted filesystem password/key (in the example, they create a
very random key for the encrypted filesystem and then use pam_mount to
automatically decrypt and mount the filesystems during login).

HTH,

-Hani

-- 
gentoo-user@gentoo.org mailing list