On Wed, Mar 8, 2023 at 7:11 PM Adrien CLERC <[email protected]> wrote:
> Le 08/03/2023 à 16:28, Alexey Kuznetsov a écrit : > > Hello! > > I have an idea about how modern linux should work with encrypted LUKS > partitions. > > Hi, > > I'm using LUKS for a long time on both my personal (desktop) and > professional (laptop) computers. Since they are single user (me), I use > autologin in the display manager, lightdm in my case. Because there is only > one slot configured in LUKS, I'm sure this is me, so lightdm can autologin > safely. > > However, you are proposing to solve the case for multiple user computers. > In that case, I would think about a much simpler design: > > - Remember which slot was used to unlock the LUKS root partition > > - Make a map with slot -> user to autologin > > - Autologin that user on boot > > No more passing password, no more password update headache. But only a > root user can update the map "slot -> user". > > Adrien > Right. But you still have to remember passpharse and your main account password. This is not about autologin. This is about unlocking your machine LUKS with only login/password without having an additional passphrase to remember.
