linux:encrypted_home
# Switch to an encrypted home partition
<note warning>Backup everything on your home partition first !</note> As root:
umount /home
blkid
# Get the /dev/sdXY associated to your /home, in my case /dev/sda6
# Make some noise, erase everything on /home
badblocks -c 10240 -s -w -t random -v /dev/sda6
# Encrypt the partition
cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda6
# Enter a Master key
cryptsetup luksAddKey /dev/sda6
# Enter your user's password
# Unlock the partition
cryptsetup luksOpen /dev/sda6 home
# Enter a key, doesn't matter which one
# Re-create the filesystem
mkfs.ext4 /dev/mapper/home
aptitude install libpam-mount
Edit the file /etc/security/pam_mount.conf.xml, add before the closing tag:
<volume fstype="crypt" path="/dev/sda6" mountpoint="/home" />
Edit the file /etc/fstab, comment the line for /home
/home/share/www/redox.ws/wiki/data/pages/linux/encrypted_home.txt · Last modified: 2023/11/24 21:55 by 127.0.0.1