I have a requirement that necessitates that I encrypt the home partition. Is there any way to get this to work without the requirement of console access at boot to enter a password? I need to be able to run headless also, make initial login via ssh and subsequently mount the encrypted partition.
sherwingws schrieb:
> I have a requirement that necessitates that I encrypt the home
> partition. Is there any way to get this to work without the requirement
> of console access at boot to enter a password? I need to be able to run
> headless also, make initial login via ssh and subsequently mount the
> encrypted partition.
I haven’t actually tried this myself, but it should Just Work if you
set the encrypted partition not to be mounted automatically. Just
make sure you have an account with a home directory outside the home
partition to which you can login while it is not yet mounted.
Logins to an account whose home directory isn’t present would fail.
Ok then, I am in the process of trying it.
I have created an encrypted /home and an unencrypted /home0. After installation, I will edit fstab, to not mount /home at boot, and set the test user id to have a “home” directory in /home0/whatever. Then I will see if I am subsequently able to mount the encrypted /home directory via su or sudo. Will post my results, when I have tested it.