Quote:
Originally Posted by mattydee
All information I've found on this refers to the use of pam. Since Slackware 12 doesn't come with PAM, does anyone know of an alternate way to do this?
Right now, I am using the /etc/crypttab method but this makes users have to enter 2 passwords (or the same password twice), which is not ideal.
Alternately, how much trouble would it be to install PAM on Slack 12?
Thanks
EDIT: Just realized the issue of PAM on Slackware is somewhat controversial. A solution without PAM would be preferable.
|
I guess PAM is the way to go *BUT* I do not see the need to have "dynamic" decrypting when a user is loging in. Could you explain that ?
Here, I did something different based on udev rules and crypttab. Whenever a user is plugging a USB key, its UUID (see /dev/disk/by-uuid) is checked accross a small authorized uuid list. For each uuid, there is a matching user. The first rule is just a small check, the second tries to read the USB device and to look for a key to pass to the cryptsetup command. When found, it open the LUKS device and give a mapping name of "crypt-id" then mounts the $HOME. It's not very intuitive and looks more a hack than anything but it works for the few people I gave access to my machines. Sure, PAM would be much much simpler but I do not want to install it by myselft.
By the way, what's the controverse with PAM and slackware ?