On Thu, Jun 05, 2014 at 12:24:22AM +0100, Neil Bothwick wrote: > On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote: > > > I encrypt my home partition with LUKS and enter a passphrase > > during boot. But I always wanted to get decryption upon login running, > > especially because it would require me to enter one less password. But > > haven’t gotten around to that yet. > > Are you the only use of the computer? If so, set your display manager to > auto-login, you have already authenticated yourself by unlocking the home > partition.
Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS passphrase is much more secure than my ancient user password anyway *hehe*. > > > With one notable exception. There is sometimes sensitive information > > > in /etc, like wireless passwords. > > > > For that reason I put this stuff into /home/etc/$hostname/ (I back up my > > machines’ /etc on all other machines, also to have a reference if I need > > to know “How did I do this on $other_host?”). And then I symlink to > > that from the real location, i.e.: > > I used to do that, now I have an encrypted /, which contains the keys for > any other encrypted volumes, so I still only need to enter one password. That falls into the category of using initrds which is also far down on my todo. I understand the mechanics and had played with dracut in the past, but nothing workable has come out of it yet. > Nothing is illegal if one hundred businessmen decide to do it. Like stealing taglines. >:-) -- Gruß | Greetings | Qapla’ Please do not share anything from, with or about me on any social network. Please notify me if you did not receive this message.
signature.asc
Description: Digital signature
