From owner-freebsd-questions@FreeBSD.ORG Fri Jul 14 16:35:30 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9376916A4DA for ; Fri, 14 Jul 2006 16:35:30 +0000 (UTC) (envelope-from list-freebsd-2004@morbius.sent.com) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 392B143D45 for ; Fri, 14 Jul 2006 16:35:29 +0000 (GMT) (envelope-from list-freebsd-2004@morbius.sent.com) Received: from frontend3.internal (frontend3.internal [10.202.2.152]) by frontend1.messagingengine.com (Postfix) with ESMTP id A8FECD904E6 for ; Fri, 14 Jul 2006 12:35:28 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by frontend3.internal (MEProxy); Fri, 14 Jul 2006 12:35:30 -0400 X-Sasl-enc: BLsEoLhNVcklCGQ/PJSW4nheSXbJ5bg9zlHN2rDkETeu 1152894924 Received: from [192.168.1.2] (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mail.messagingengine.com (Postfix) with ESMTP id 72A6E70B4 for ; Fri, 14 Jul 2006 12:35:24 -0400 (EDT) From: RW To: freebsd-questions@freebsd.org Date: Fri, 14 Jul 2006 17:35:25 +0100 User-Agent: KMail/1.9.3 References: <009701c6a6d6$79c0d2d0$0200a8c0@satellite> In-Reply-To: <009701c6a6d6$79c0d2d0$0200a8c0@satellite> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200607141735.26800.list-freebsd-2004@morbius.sent.com> Subject: Re: home encrypted from install (freebsd 6.1) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Jul 2006 16:35:30 -0000 On Friday 14 July 2006 00:45, Dave wrote: > Hello, > I'm about to do a 6.1 install on a new box. I'm separating /home in the > filesystem so it's a system of it's own. During the install maybe after the > install, but before the reboot i'd like to encrypt /home so that any data > written to it after reboot will be encrypted. I was wondering if it was > possible to do this during the install? If it is how would it effect > programs like x? I'm going to have two users, one doing console logins, the > other will have x whenever he logs in, i don't want the encryption to get > in the way of this. > Thanks. Nothing is written to /home until after users are added which have their home directories under /home (root uses /root), so you can simply avoid creating users during install. The encrypted partition needs to be mounted before the first user logs in. You can either do this as part of the startup sequence (look at the geli and gbde options in /etc/defaults/rc.conf) or login as root and do it.