Dear all,

I'm stumped - I now searched for quite a while to find out how to change the password of an encrypted home directory... YaST has the option to encrypt the home directory by using a container - that is, after encryption, there are USERNAME.img and USERNAME.key files in /home. Using pam_mount, the container will be mounted after login in /home/USERNAME.

So YaST uses the key file, but encrypts it by using the password of the user at creation time. Changing the password of the .img-container using luks methods isn't possible, without knowing how this key file is encrypted - and I can't find any documentation how it's done!

cryptsetup luksAddKey doesn't work, as the container doesn't use a password ("No key available with this passphrase"). Using the key file (USERNAME.key) doesn't work either, because the key file is encrypted (luksAddKey with -d results in the same message).

Now if (as a normal user) I change my password, logging in will not work anymore, as the container won't be decrypted and mounted as my home dir. And why isn't there any documentation about it or was I just too stupid to find it?


Thanks in advance and best regards!