You are not logged in.
I've encrypted my root and home with this guide, but I don't like that my passphrases are stored in clear text in /etc/crypttab. Can they be encrypted? (Perhaps in a fashion similar to what wpa_passphrase does?)
Offline
crypttab is on an encrypted partition and therefore also encrypted.
Offline
Yeah I know, but doesn't it pose a security threat when the partition is mounted, that the passphrases are stored in clear text? They're only a sudo away.
Offline
Why not set it to ASK so you have to type them in when it boots?
Offline
Because I don't want to have to type two passphrases. I type the root passphrase. The home passphrase is in crypttab (on root).
Offline
from Arch LUKS Wiki
# head -n 220 /dev/urandom | tail -n 200 > /mnt/etc/home.key
# cryptsetup luksAddKey /dev/sda4 /mnt/etc/home.key
Enter any LUKS passphrase: myotherpassword
Verify passphrase: myotherpassword
key slot 0 unlocked.
Command successful.
in /etc/crypttab use this :
home /dev/sda4 /etc/home.key
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
(A works at time B) && (time C > time B ) ≠ (A works at time C)
Offline