LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 01-18-2008, 11:48 AM   #1
mattydee
Member
 
Registered: Dec 2006
Location: Vancouver, BC
Distribution: Debian
Posts: 462

Rep: Reputation: 39
mount luks encrypted partition with kdm


All information I've found on this refers to the use of pam. Since Slackware 12 doesn't come with PAM, does anyone know of an alternate way to do this?

Right now, I am using the /etc/crypttab method but this makes users have to enter 2 passwords (or the same password twice), which is not ideal.

Alternately, how much trouble would it be to install PAM on Slack 12?

Thanks

EDIT: Just realized the issue of PAM on Slackware is somewhat controversial. A solution without PAM would be preferable.

Last edited by mattydee; 01-18-2008 at 12:19 PM.
 
Old 01-19-2008, 07:11 PM   #2
xma
LQ Newbie
 
Registered: Jan 2008
Distribution: Slackware GNU/linux
Posts: 23

Rep: Reputation: 0
Quote:
Originally Posted by mattydee View Post
All information I've found on this refers to the use of pam. Since Slackware 12 doesn't come with PAM, does anyone know of an alternate way to do this?

Right now, I am using the /etc/crypttab method but this makes users have to enter 2 passwords (or the same password twice), which is not ideal.

Alternately, how much trouble would it be to install PAM on Slack 12?

Thanks

EDIT: Just realized the issue of PAM on Slackware is somewhat controversial. A solution without PAM would be preferable.
I guess PAM is the way to go *BUT* I do not see the need to have "dynamic" decrypting when a user is loging in. Could you explain that ?

Here, I did something different based on udev rules and crypttab. Whenever a user is plugging a USB key, its UUID (see /dev/disk/by-uuid) is checked accross a small authorized uuid list. For each uuid, there is a matching user. The first rule is just a small check, the second tries to read the USB device and to look for a key to pass to the cryptsetup command. When found, it open the LUKS device and give a mapping name of "crypt-id" then mounts the $HOME. It's not very intuitive and looks more a hack than anything but it works for the few people I gave access to my machines. Sure, PAM would be much much simpler but I do not want to install it by myselft.

By the way, what's the controverse with PAM and slackware ?
 
Old 01-28-2008, 01:32 AM   #3
mattydee
Member
 
Registered: Dec 2006
Location: Vancouver, BC
Distribution: Debian
Posts: 462

Original Poster
Rep: Reputation: 39
Quote:
Originally Posted by xma View Post
I guess PAM is the way to go *BUT* I do not see the need to have "dynamic" decrypting when a user is loging in. Could you explain that ?
So a user wouldn't have to enter a password twice.(Once for mounting the enc volume and once for logging in)

Quote:
Originally Posted by xma View Post
By the way, what's the controverse with PAM and slackware ?
Apparently, it isn't as secure as it should be.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't mount encrypted USB drive letrout Linux - General 1 02-08-2006 09:50 PM
HFS+ (encrypted) mount linux mimithebrain Linux - General 2 10-21-2005 04:46 PM
Encrypted partition does not mount on boot applewax Suse/Novell 2 01-06-2005 12:31 PM
fscking an encrypted partition bungalowbill Linux - General 3 04-30-2004 10:04 AM
Encrypted partition? hjles Slackware 1 01-25-2003 04:49 PM


All times are GMT -5. The time now is 05:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration