Hello. I did a new Leap 42.1 installation. I found there was no option for home directory encryption now (except home partition encryption). So I continued installation and went to Yast module - users and groups, enabled home directory encryption. It asked me to plug in the installation media despite the working internet connection. I did it and it installed some crypt package and it seemed done.
Now when I boot up and get into the log in window, it gets stuck there after I input my password. Ctrl+alt+F2 it asks me to input user name and pam_password then I can log in, to a command line interface only.
When you encrypt after the install it wipes the partition /directory. So in essence you don’t have a home anymore
It is best to do encryption as follows at install
set booting as per legacy/EFI boot pattern
add a 500meg partition and mount it as /boot
the rest make a LVM partition with swap root and home partitions in it. Set the LVM for encryption.
I have a very vague understanding about UEFI, /boot, and lvm partitions. Now that I am already dual booting Win/suse, I avoid mixing too many things I don’t understand.
That’s why I opt for home directory encryption which is easier than lvm partition encryption.
Any reason why home directory encryption option was removed during installation? Does this feature work in YAST after installation? Since it’s a new installation I don’t mind if it has to rebuild the home directory, as long as it works.
I don’t know. It is still there for creating an additional user.
You can install “ecryptfs-util” and then setup an ecryptfs home directory (with “ecryptfs-migrate-home”) for an existing user.