From owner-freebsd-questions@FreeBSD.ORG Sat May 22 23:54:56 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E8DFB16A4CE for ; Sat, 22 May 2004 23:54:56 -0700 (PDT) Received: from smtp05.web.de (smtp05.web.de [217.72.192.209]) by mx1.FreeBSD.org (Postfix) with ESMTP id B50A643D41 for ; Sat, 22 May 2004 23:54:56 -0700 (PDT) (envelope-from platanthera@web.de) Received: from [217.85.227.203] (helo=liza.hacienda.herti) by smtp05.web.de with asmtp (TLSv1:RC4-MD5:128) (WEB.DE 4.101 #91) id 1BRmsb-0005ia-00; Sun, 23 May 2004 08:54:41 +0200 From: platanthera To: freebsd-questions@freebsd.org, y2kbug@ms25.hinet.net Date: Sun, 23 May 2004 08:54:32 +0200 User-Agent: KMail/1.6.2 References: <200405211749.15890.platanthera@web.de> <200405221254.34138.platanthera@web.de> <20040523075658.76ffaaa4.y2kbug@ms25.hinet.net> In-Reply-To: <20040523075658.76ffaaa4.y2kbug@ms25.hinet.net> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405230854.36132.platanthera@web.de> Sender: platanthera@web.de Subject: Re: home on a gbde encrypted partion X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 May 2004 06:54:57 -0000 On Sunday 23 May 2004 01:56, Robert Storey wrote: > On Sat, 22 May 2004 12:54:29 +0200 > > platanthera wrote: > > On Friday 21 May 2004 17:49, platanthera wrote: > > > hi all, > > > > > > I want to move my home directory to a gbde encrypted partition. > > > I plan to have only the default dotfiles in /home/xxx (before > > > mounting the encrypted partition), log in as usual, attach and > > > fsck the encrypted partion and then mount it 'over' /home/xxx. Is > > > there anything wrong with this approach? > > > > hmm... obviously there is something wrong. I can't unmount my > > current home directory later. Not really surprising.. > > Interesting question. File /etc/passwd is where the system determines > where a user's data files will > be located. For example, user "robert" on my system: > > root@sonic:~> cat /etc/passwd | grep robert > robert:*:1005:1006:User &:/home/robert:/usr/local/bin/bash > > So just create a special user (using sysinstall), perhaps user > "secure". Instead of putting his login directory at /home/secure, put > it on /secure (a directory you manually create) and (as root) mount > /secure on an encrypted partition. After /secure is mounted, login as > user secure. You'll have to tweak permissions of course so that user > secure can read/write files on this partition. hi Robert, thanks for your reply. In the meantime I decided to move /home completely to an encrypted partition, which I attach and mount as root before logging in under my user account. Think that's the easiest approach.. best regards