On Sat, Nov 28, 2009 at 23:03, Charles Curley
<[email protected]> wrote:
> I just got a nasty surprise.
>
> With Ubuntu 9.10, you can have your entire home directory encrypted
> with ecryptfs. Cool, I said, I'll try that on my laptop. The encrypted
> file system is mounted at /home/${USER}. In addition, there is a
> directory, /home/.ecryptfs, where the lower (encrypted version) file
> system is kept.
>
> I was backing up with a DLE for /home:
>
> dragon.localdomain /home comp-server-root-tar
>
> Here's the problem: Normally tar won't cross a mount point. So I was
> getting useless backups of /home on my laptop. (I was getting
> .ecryptfs backed up, but that did me no good with my password broken.)
>
> I discovered all this when my laptop went screwy and I couldn't log in
> as my normal user. I was able to recover my data, see
> http://dragon/~ccurley/crcweb/blog/archives/2009/11/24/recovering_from_login_failure_on_ubuntu_9_10/index.html
dragon? No FQDN? Google couldn't help me...
> for the gory details.
>
> I immediately changed the DLE to back up /home/${USER}. (But in order
> for that to work, the user has to be logged in, or else his partition
> otherwise mounted. Fortunately, that's normally the case when my
> laptop is home and running.)
Alternatively, you can use encrypted LVM so the whole system is encrypted, incl.
swap (and the hibernation area). I use that on my laptop.
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
