LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   encrypted home directories (http://www.linuxquestions.org/questions/slackware-14/encrypted-home-directories-324565/)

TomaCzar 05-17-2005 09:58 PM

encrypted home directories
 
Alright, here's the deal.

I want to use dmcrypt to encrypt a file (preferably) or partition and use xdm authentication information to decrypt and mount the file/partition as the home directory.

http://deb.riseup.net/storage/encryption/dmcrypt/ explains how to accomplish this only this howto is for a system using PAM. Slackware doesn't use PAM and I'm not sure how to accomplish the same goal on a Slack system.

If anyone has a stronger understanding of how XDM handles authetication data, what Slackware uses instead of PAM, or how to accomplish my end goal using the implementation I've decribed (Slackware, XDM, dmcrypt) your help would be greatly appreciated.

gbonvehi 05-19-2005 07:00 AM

If I didn't read wrong, that howto tells to use PAM if you want to use a encrypted /home paritition (it's the "encrypted partitions" section), but it doesn't need it to encrypt a loopback file, read the "encrypted loopback" section, i think that's what you want to achieve.

Edit: This is a quote from the "encrypted loopback" section introduction:
Quote:

This is instructions for using dm-crypt to create a filesystem in a loopback file, this means storing an encrypted filesystem in one individual file. This is useful if you cannot or do not want to encrypt your entire partition. See above for how to do an entire partition.
What if you already have a filesystem, such as your /home directory, that you realize later that you want to encrypt but you cannot destroy that filesystem and then recreate it. Or perhaps you just want to encrypt part of it, you can do this with a dm_crypt loopback encrypted file.
Regarding XDM, you could use the xdm initialization scripts to check for which user was logged in and mount a desired file for it. You can make root the owner of that file so no one will be able to read it unless if the user logged in trought XDM so the script check if it's him that logged in and mounts it (XDM is run as root).
Here's a thread where a user needed to change resolution according to the user and reset to default one on logout: http://www.linuxquestions.org/questi...hreadid=308765

You could make something similar but mounting a file, and instead of using .xsession, using the DisplayManager._0.startup: variable in xdm-config (you need to also run GiveConsole script which is the default value of it).
I think you'll understand what i'm talking about after reading that thread.


All times are GMT -5. The time now is 10:28 AM.