I ran in to this issue of encrypted home directories as well. The problem I had when testing it was that I was logged in to the box locally at the same time I was testing the remote connection and everything seemed to work but when I was not logged on to the box locally, I could not connect. I only discovered this after I was 5000kms away from the physical box.
One workaround I came up with is a separate account to use strictly for SSHing to the box with SSH keys and I set this account up with no local password. This discourages me from using this account when I'm locally at the box. No personal data other than the authorized_keys file exists. I connect remotely using the SSH-only account then su to the encrypted account where it will prompt you for login credentials. Once you have logged in via su, you can remote to the 'encrypted account' with SSH keys if you need that direct connection. Cheers! ~Neil B. On Sun, Dec 5, 2010 at 9:59 PM, shawn <[email protected]> wrote: > I tried the encrypted home directory and ran into problems with SSH to that > box via ssh keys. Which makes sense - the keys are encrypted and can't be > read until you login. But you can't login without the keys... Guess it > would make sense for a desktop that will be unlikely to be connected TO via > ssh. Either that or I missed a step somewhere. > > I'm running Kubuntu 10.10 now with an encrypted drive. The install process > was pretty straight forward and everything is working as expected (with a > new *buntu install - sound issues, data migration, etc.) I still want to > encrypt a drive manually from the command line just to learn the details, > but the docs I've seen are old (2007ish or earlier) and make a lot of > assumptions about base knowledge making the docs difficult to read. > > Shawn > > > On 10-12-05 04:42 PM, Gustin Johnson wrote: > >> On Thu, Dec 2, 2010 at 11:12 PM, Shawn<[email protected]> wrote: >> >>> I'm looking for any decent links/how-to's for full disk encryption. >>> >> For truecrypt >> http://www.truecrypt.org/docs/ >> >> Truecrypt also has an option for a secret hidden OS >> >> On Ubuntu you can do it at install if you use the alternate install >> CD. I used this a couple of times and it worked well. The encrypted >> home directory is what I use now. The one issue is that if you have a >> slight issue with your hard drive, and I mean slight, all the data is >> pretty much toast. It does not even have to be a bad disk, just a >> wrong bit flipped at the wrong time which happens more than you think >> on modern hard drives. If done right data recovery is not possible. >> > > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying >
_______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
