how to remount encrypted home?

After update to 11.4, I would like to regain access to my encrypted home that I left intact. Both user.img and user.key files are there, but when I create the same user again in YaST, it does not recognize their presence and it asks again for size of the image. I am afraid it will just overwrite the old image. I do have full backup of hte data, but since its 150GB, I would rather not have to transfer it again.

How can I remount my old encrypted home?

On 2011-05-21 21:36, cflange wrote:
>
> After update to 11.4, I would like to regain access to my encrypted home
> that I left intact. Both user.img and user.key files are there, but when
> I create the same user again in YaST, it does not recognize their
> presence and it asks again for size of the image. I am afraid it will
> just overwrite the old image. I do have full backup of hte data, but
> since its 150GB, I would rather not have to transfer it again.
>
> How can I remount my old encrypted home?

You would have to learn to manually activate encrypted homes, how it is
configured an which are the configuration files, and then repeat the
procedure, manually, in the new system. Or, you should have done an
upgrade, not a new install.

Perhaps now you can try to recreate an encrypted home, and then replace the
image and key.

I can not say what will work because I have never used encrypted homes,
only encrypted data filesystems.


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

I could not find the config files that control LUKS and point to the encrypted image.

Upgrade might have worked, but I prefer to do fresh installs in the system partition and only keep the home partition.

But I like your idea of moving my old image to a temp file, “creating” my user again with a small encrypted image (my original one uses 80% of the partition), then replacing the new image with my old one afterward. I should have thought of this before.

I will report here if this works.

Ha!

It worked beautifully.
It decrypted with my usual password and all my data is there.
Thanks for the smart work-around, Carlos.

For future reference, here is how you should have done it:

During the partitioning section of the install, you should have gone into the edit options for your home partition. There, you should set the home partition to “encrypt” and “do not format”. It may ask for the encryption key during the install - I’m not sure whether you can skip that while installing, but it is probably best to provide it.

On 2011-05-22 01:36, cflange wrote:
>
> Ha!
>
> It worked beautifully.
> It decrypted with my usual password and all my data is there.
> Thanks for the smart work-around, Carlos.

Welcome :slight_smile:


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

On 2011-05-22 02:06, nrickert wrote:
> During the partitioning section of the install, you should have gone
> into the edit options for your home partition.

It is not a home partition. It is a loop mounted file for only one user,
inside a plain home partition.

You may be right, that it is done there, but not exactly how you describe.


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

That is precisely it.

I tried encrypted home partition in the past, but you have to enter the decryption key at boot time and the partition remains unencrypted until you shutdown.

With encrypted home directory you do not need to enter a separate key (your login password is your key) and you only need to logout to protect your files. Another user in the same machine will not have access to the files. At installation, if you create a previously existing user, YaST asks if you want to “change the owner” of the home directory, then basically reuses that home without changes. I tried to do that with encryption turned on, but it looked like YaST would create a new empty image file, so I did not proceed.