![]() This is the computer-nerdiest post I have written on this site up until now, so if you have not heard of ZFS before, nor are you considering encrypting your home directory, then I am surprised that you got this far in the text □ Configure properties (used in the unlock script) on our ZFS volume.Write a small Bash script to assist us in unlocking our home directory.Migrate the home directory from an unencrypted home directory to an encrypted one.We can use PAM to get a hold of the user password when logging in, and in turn use the password to unlock our home directory storage. It is a complex system and I have not had the time (or urge) to really dig in to it other than what I needed here: PAM is the Pluggable Authentication Module system in *nix world. if GDM need to authenticate me as a user, it (GDM) can be agnostic about whether my password is in a file on the hard drive or is validated against an AD on the network. PAM is a authentication system that allows programs that rely on authentication to be written independent of the underlying authentication scheme. This is great for system wide storage, but not so great for user directories. GDM has support for asking for passwords, and hence a prompt appears at boot time. The issue arises because ZFS is configured (on Ubuntu 20.04) to automatically mount all file systems on the system at boot time – including encrypted home directories. When enabling encryption manually (after installation) the decrypt action is performed before user login Ubuntu did previously provide this option, but it used eCryptfs which was considered buggy, under-maintained, not fit for main anymore and has thus been removed. Ubuntu 20.04 did not provide an option to encrypt your home directory when using ZFS ![]() Lastly: Why not? I’m a geek and it’s fun □.I believe it is similar to when burglars breaks in to homes: It is not a nice feeling to know that some random stranger has been rummaged through your personal belongings. ![]() ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |