[sllug-members]: Encrypted Home Directories

[M. Alton jensen]

 > I've experimented with this a little, but thus far nothing works quite
> as I would like.  The one I ended up using was dmcrypt, mainly because
> it's file-system independent, can handle any size, is actively being
> maintained and improved, and came with my distro.  However to get it
> setup, I had to shut off the graphical boot (So I could put in the
> password) and modify my start-up scripts to run the correct command
> before it tried to mount /home.  There are ways around having to type in
> the password all the time (like having the key on a flash drive), but
> that didn't really appeal to me (Since flash drives can be lost, stolen,
> or seized).  However from what I've been reading, with the growing
> desire for encrypted block devices or file-systems, I wouldn't be
> surprised if it doesn't get easier in the next round of distro upgrades.
> 
> -KW

I've been using SuSE's partition encryption.  It uses crytpoloop (at
least it does in 10.1)  It was really easy to setup during the install
and prompts for the passphrase during boot.  I heard that they are
moving to dmcrypt, but I don't have plans to upgrade anytime soon.

It would be cool if they had the option for storing the key on a USB
drive and even cooler if it could use a USB token where the key can't be
exported or copied off (like one of those Rainbow iKeys)
...but one can dream.

On a related note, I'd love to hear anybody's success stories of
encrypted partitions with Ubuntu.

-Alt