You are not logged in.
- Topics: Active | Unanswered
#1 2023-01-01 21:14:58
- userrrr
- Member
- Registered: 2023-01-01
- Posts: 7
question: how to encrypt and automount home director with gocryptfs
hello
i have an unencrypted install on which i would like to switch to an gocryptfs-encrypted home directory.
I would like it to be automatically decrypted and mounted once the use logs in.
I found a tutorial how to achieve this, but it is for Ubuntu.
https://web.archive.org/web/20221227174 … gocryptfs/
Tried to folloe it, hoping it would work on arch as well, but I already fail at installing libpam-mount ( pacman -S libpam-mount it says error: target not found: libpam-mount )
and cannot edit the file /etc/security/pam_mount.conf.xml since it does not exist here. It seems the remaining steps would be straight-forward but this libpam-mount seems not to exist on arch. Am I doing it wrongly, or does it have a different name here?
Thank you in advance.
Offline
#2 2023-01-01 22:24:37
- Slithery
- Administrator
- From: Norfolk, UK
- Registered: 2013-12-01
- Posts: 5,776
Re: question: how to encrypt and automount home director with gocryptfs
Do you have to use gocryptfs? If not then I'd use systemd-homed instead as it's already built into the base system.
Offline
#3 2023-01-02 19:58:45
- userrrr
- Member
- Registered: 2023-01-01
- Posts: 7
Re: question: how to encrypt and automount home director with gocryptfs
Thank you for the link, Slithery.
I read good things about gocryptfs, so I liked the idea of using it. If it is not possible, or not easily possible, I am open to other options too.
Just had a quick look at the page, it has quite a lot of info. Fell a bit overwhelmed.
So it seems like I should log out of my user account, log into root account and do homectl create username --storage=luks
Is that correct?
It also mentions btrfs, my system is on btrfs with @home automatically mounted via fstab, I now just want to migrate my existing /home/user (unencrpyted) to /home/user (encrpyted) with automatic unmounting after a certain amount of time of inactivity.
Offline
#4 2023-01-03 05:11:11
- cfr
- Member
- From: Cymru
- Registered: 2011-11-27
- Posts: 7,178
Re: question: how to encrypt and automount home director with gocryptfs
My understanding is that systemd-homed doesn't support encryption with a btrfs subvolume, though you could use a btrfs filesystem inside the encrypted volume. Otherwise, maybe one of the encryption suggestions mentioned here would help?
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline