Results 1 to 6 of 6

Thread: cannot get encrypted home directory to work - OpenSUSE 13.1

  1. #1

    Default cannot get encrypted home directory to work - OpenSUSE 13.1

    On a fresh installed OpenSUSE 13.1 I want to create a new user with an encrypted home directory. I can't make it work, no matter what I do I just get two unused files in /home and an unencrypted normal home directory for the user.

    I boot the PC and login as root, start "Control Center" and choose "User and Group Management". In "Users" tab I click Add to create the new user. On the User Data tab I fill in user name and password and then click on the Details tab. Here I mark "Use Encrypted Home Directory" and the Directory Size in MB turns to 100. Now I click OK to exit the setup for the new user. In the main window I click OK again to apply the creating, The "Writing User and Group Configuration" checks the first four lines, but stops on "Write passwords". Error message box "stat: No such file or directory. Failed to open image". I click OK to close the error, and the configuration continues and then exits.

    In addition to the normal home directory /home/username, in /home appears two files: username.img sized 100 MiB and username.key 288 bytes. So the new user should be created OK, right ? Well, I can login as the new user, but the encryption is not activated, and the username.img is just, 100 MiB NULL bytes and never changes. No /dev/loop is in use, and df shows no sign of a mounted encrypted loop file.

    So I try again, reboot PC to get a clean slate and login as root and move the two files into hiding and then use YaST to delete the user, including deleting the home directory. Another reboot to make sure the user is gone, and then I bring back the two files to /home, and try to create the user again.

    This time the error message is "/home/username.img already exists. Use --force to overwrite it." I click OK, and the user is created, but still the encryption is not used.

    How can I make YaST use the --force option ? I can't find anywhere in the YaST settings where I can set that. Can YaST create an encrypted home, or is this a bug ?

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,912
    Blog Entries
    3

    Default Re: cannot get encrypted home directory to work - OpenSUSE 13.1

    I have not tried it with 13.1.

    I do recall that for 12.3, you had to do "modprobe loop" to force the loading of the loop module, if you wanted this to work. Or you could force loading in "/etc/sysconfig/kernel" (if I recall correctly).
    openSUSE Leap 15.4 Beta; KDE Plasma 5.24.4;
    testing Tumbleweed.

  3. #3
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: cannot get encrypted home directory to work - OpenSUSE 13.1

    On 2013-11-22 19:56, nrickert wrote:
    >
    > I have not tried it with 13.1.
    >
    > I do recall that for 12.3, you had to do "modprobe loop" to force the
    > loading of the loop module, if you wanted this to work. Or you could
    > force loading in "/etc/sysconfig/kernel" (if I recall correctly).


    Both cases would be a bug. Is it, no, are they reported in bugzilla?

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  4. #4
    Join Date
    Sep 2012
    Posts
    7,484

    Default Re: cannot get encrypted home directory to work - OpenSUSE 13.1

    Quote Originally Posted by nrickert View Post
    I do recall that for 12.3, you had to do "modprobe loop" to force the loading of the loop module, if you wanted this to work.
    I just briefly tested it and it's the same on 13.1. loop must be loaded before creating user with encrypted home via yast.
    Or you could force loading in "/etc/sysconfig/kernel" (if I recall correctly).
    Code:
    echo loop > /etc/modules-load.d/loop.conf
    BTW implementation seems to be incomplete. Encrypted user directory mounted when user logs in, but not when I do "su - user".

  5. #5

    Default RESOLVED: cannot get encrypted home directory to work - OpenSUSE 13.1

    Quote Originally Posted by arvidjaar View Post
    I just briefly tested it and it's the same on 13.1. loop must be loaded before creating user with encrypted home via yast.


    Code:
    echo loop > /etc/modules-load.d/loop.conf
    .
    You're right, loading loop module makes encrypted home directory work.

    I logged in as root and loaded the loop module with
    Code:
    modprobe -v loop
    on a command line. Then I ran YaST and created the user with encrypted home directory without problems, and when I login as the user, the encryption is effective.

    Now I can login as the user with active encryption, I didn't have to do anything extra to make OpenSUSE load the loop module at boot time, it happens automagically. The directory /etc/modules-load.d/ is still empty, so the loop module must be loaded somewhere else.

    Thanks

  6. #6
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: cannot get encrypted home directory to work - OpenSUSE 13.1

    On 2013-12-14 16:56, fredvej wrote:

    > on a command line. Then I ran YaST and created the user with encrypted
    > home directory without problems, and when I login as the user, the
    > encryption is effective.
    >
    > Now I can login as the user with active encryption, I didn't have to do
    > anything extra to make OpenSUSE load the loop module at boot time, it
    > happens automagically. The directory /etc/modules-load.d/ is still
    > empty, so the loop module must be loaded somewhere else.


    Well, that's a bug in YaST, so please report it in bugzilla.

    openSUSE:Submitting bug
    reports


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •