You are not logged in.
- Topics: Active | Unanswered
#1 2021-04-20 07:46:59
- ArchNewbieKernel
- Banned
- Registered: 2020-09-25
- Posts: 74
Encrypt /home directory
I have Arch installed but forgot to do the encrypt /home directory during installation. What is the most efficient way to catch it up?
I like to do it with cryptsetup.
Offline
#2 2021-04-20 10:18:59
- str0gg
- Member
- Registered: 2012-12-01
- Posts: 75
- Website
Re: Encrypt /home directory
1. move current file system to backup drive with cp -a
2. with archusb encrypt drives
3. copy from bacukp with cp -a
do not override efi partition in the process and its done.
--
edit
and adjust kernel parameters, crypttab accordingly
Last edited by str0gg (2021-04-20 10:20:40)
Offline
#3 2021-04-20 12:07:13
- ArchNewbieKernel
- Banned
- Registered: 2020-09-25
- Posts: 74
Re: Encrypt /home directory
Y
1. move current file system to backup drive with cp -a
2. with archusb encrypt drives
3. copy from bacukp with cp -ado not override efi partition in the process and its done.
--
edit
and adjust kernel parameters, crypttab accordingly
This isn't what I asked for...
Read my post to specifically see what it is about...its NOT about the whole disk but home directory only. RTFP
Last edited by ArchNewbieKernel (2021-04-20 12:09:01)
Offline
#4 2021-04-20 12:24:56
- V1del
- Forum Moderator
- Registered: 2012-10-16
- Posts: 21,672
Re: Encrypt /home directory
You still need to copy everything in /home somewhere else. Existing data will be destroyed once you setup encryption.
However it is an approach that can be used, i'ts ambiguous to me whether you are talking about a partition or just a directory, provide clarification instead of being aggressive towards a well intentioned suggestion: https://gitlab.archlinux.org/archlinux/ … ther-users
Last edited by V1del (2021-04-20 12:30:48)
Offline
#5 2021-04-20 12:30:24
- respiranto
- Member
- Registered: 2015-05-15
- Posts: 479
- Website
Re: Encrypt /home directory
This isn't what I asked for...
Read my post to specifically see what it is about...its NOT about the whole disk but home directory only. RTFP
Well, then don't use the Arch USB.
Also, I'd suggest to use tar (or rsync, dd) for backup.
See also `/usr/share/doc/cryptsetup/FAQ' (2.5).
What is the most efficient way to catch it up?
cryptsetup-reencrypt(8) --new or cryptsetup(8) reencrypt --encrypt.
Edit: Copying is actually more efficient, if the filesystem is mostly empty and you do not fill the partition with random data before copying the actual data, which however is generally strongly recommended.
Last edited by respiranto (2021-04-20 12:38:51)
Offline