I have an Encrypted /home, and I’d like to know if there’s a way of protecting folders with password, like when trying to open other partitions it asks for root password. To understand it a little better:
I login and let my daughter use the PC, but there’s a folder I don’t want her to see. If she tries to open it, a prompt “Enter your password” appears and the only with the root (or user account, doesn’t make a difference) she can access it.
I have a public_html which has some image files and i am hiding the file contents by running chown and chmod on all the folder contents recursively.
I change the ownership of all the files and folder using chown
and then remove read /write permission for other users using chmod
Though I don’t know how an encrypted partition would act on this I submit Truecrypt for your consideration. Also there is Realcrypt that’s in the Packman repos. I have found that Realcrypt & Truecrypt work well one can( as I have) open a file I’ve done in one with the other & vice versa.
I’d like to encrypt a folder (or more). Once the access to the folder is permitted then you can see all it’s contents. There was a program on Windows that encrypted folders/processes, every time you’d try to open that folder/process it said “You do NOT have access”, so in order to do that you needed to exit the blocking software.
What I want to do is just like when opening partitions and, for what I could see, it seems the best way to do so, encrypt a partition.
> I’d like to encrypt a folder (or more). Once the access to the folder
> is permitted then you can see all it’s contents. There was a program on
> Windows that encrypted folders/processes, every time you’d try to open
> that folder/process it said “You do NOT have access”, so in order to do
> that you needed to exit the blocking software.
With YaST you can create user accounts each with their own encrypted
homes, which I think are loop mounted, LUKS encrypted, filesystems on a
If you are using a single user for two persons, then you need to do it
manually; either a separate encrypted partition, or a loop mounted file.
YaST can do both. But activating them is not automatic on trying to open
Truecrypt is another method, but proprietary.
Of course, the typical way is just having an account per person.
Adjusting the permissions stops normal people from looking, but having
access to the computer and the root password means they can access the
files if they want.
Cheers / Saludos,
Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)
What is mine stays in my homedir, the kids have their own. And, since linux is multi-user, they all have a session open on my server workstation, which is in the living room. Which allows encryption on a human user level. The way it’s designed to be.
Actually I thought of a much simpler method: Make a hidden folder. She’s 9yo and I doubt that she will be ever able to find a simple hidden folder. She only uses this machine to play web-games on Linux and Steam games on Windows, so I guess I’m safe from her (or is she safe from me?). In the future I plan to create a separate partition since openSUSE is so good a keeping partitions away from non-root personnel.
Hidden folders may not be hidden very well depending on your file manager’s settings.
+1 for TrueCrypt. It is the simplest way to achieve what you want. Someone on this thread said it is proprietary, but that’s not quite true. It is free (as in beer) and you can obtain the source code, but some distributions and advocates of free software have expressed concern over its license in the past.
Well I’m trying to hide some folder just for the occasional users that are my wife and my daughter, they barely know how to open Chromium, much less how to unhide folders hehe.
Is RARE, VERY RARE, to find people who actually use Linux here in Brazil, I can assure that 99.999% of home computers run some kind of pirated Windows, mostly due to computer stores where they do this practice and because most people actually think that “If they’re doing than I’m OK since I know jack about computers, I mean, he’s not using pirated software, right?”.
Dude! I have an 11 y/o niece who also is into games. Her father did what you proposed & she got into that folder anyway. She got banned from the PC for a month! What I’m really saying here are 2 things
Don’t ever underestimate kids especially these days! If they don’t know (my niece knew how when she was 9) they’ll know a kid that does.
My suggestion to you would be to give serious consideration to the accounts ideas posted in this thread.
It is possible that if she has an account she considers her own she’ll have no incentive check up on others. Also this being Linux as long as she’s not root she really can’t harm the PC.
I don’t let her use the PC so often, in this year she used it for about an hour or so (don’t ask me why, but things here in Brazil these days forced me to ban her to use cell phones and computers). Not to mention I install the system in English and the only one who speaks it is me. So for what I could think of, she’s not gonna be able to access some folders that I don’t want her to use
Well I guess by your logic I shouldn’t underestimate a 400 pound “runner” because he could run 100 yards in 10sec? Hehehe just kidding.
I’ll try it out later on a virtual machine. I’ll also look out for some tutorial on how (if posssible) to encrypt drives that are not encrypted, this way if I ever need to encrypt a drive I could resize a partition and do that.
In the past I had the same problem, accessing with his own account is annoying for children, so my son access with my account, and I solved making a user account called “secret”, and assigning the folder to this account, assign to the folder permission as only the owner can read and write, and, to easily access for me, making a KDE service to open folders as secret, it wasn’t so difficult to make this service, I modified something found in the KDElook used to access to folder as root…, I cannot find in this moment, if I’ll find I’ll post it…
thnx, ciao, pier
On Wed, 01 May 2013 17:36:02 +0000, amarildojr wrote:
> Actually I thought of a much simpler method: Make a hidden folder. She’s
> 9yo and I doubt that she will be ever able to find a simple hidden
Never underestimate the ingenuity of children.
Security by obscurity is no security at all.
A separate partition for your daughter’s home directory isn’t necessary
(indeed, nobody sets up a separate partition for each user - traditional
partition tables can’t handle enough entries for some systems).
A separate login would suffice - that uses the file permissions system
and helps ensure separation of content, restricted to each user. That’s
what it’s there for - there’s no need to go looking for an overly
complicated and convoluted solution.