You are not logged in.

#1 2023-01-01 21:14:58

userrrr
Member
Registered: 2023-01-01
Posts: 7

question: how to encrypt and automount home director with gocryptfs

hello

i have an unencrypted install on which i would like to switch to an gocryptfs-encrypted home directory.
I would like it to be automatically decrypted and mounted once the use logs in.

I found a tutorial how to achieve this, but it is for Ubuntu.
https://web.archive.org/web/20221227174 … gocryptfs/

Tried to folloe it, hoping it would work on arch as well, but I already fail at installing libpam-mount ( pacman -S libpam-mount it says error: target not found: libpam-mount )
and cannot edit the file /etc/security/pam_mount.conf.xml since it does not exist here. It seems the remaining steps would be straight-forward but this libpam-mount seems not to exist on arch. Am I doing it wrongly, or does it have a different name here?

Thank you in advance.

Offline

#2 2023-01-01 22:24:37

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: question: how to encrypt and automount home director with gocryptfs

Do you have to use gocryptfs? If not then I'd use systemd-homed instead as it's already built into the base system.

https://wiki.archlinux.org/title/Systemd-homed


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#3 2023-01-02 19:58:45

userrrr
Member
Registered: 2023-01-01
Posts: 7

Re: question: how to encrypt and automount home director with gocryptfs

Thank you for the link, Slithery.
I read good things about gocryptfs, so I liked the idea of using it. If it is not possible, or not easily possible, I am open to other options too.
Just had a quick look at the page, it has quite a lot of info. Fell a bit overwhelmed.
So it seems like I should log out of my user account, log into root account and do  homectl create username --storage=luks
Is that correct?
It also mentions btrfs, my system is on btrfs with @home automatically mounted via fstab, I now just want to migrate my existing /home/user (unencrpyted) to /home/user (encrpyted) with automatic unmounting after a certain amount of time of inactivity.

Offline

#4 2023-01-03 05:11:11

cfr
Member
From: Cymru
Registered: 2011-11-27
Posts: 7,178

Re: question: how to encrypt and automount home director with gocryptfs

My understanding is that systemd-homed doesn't support encryption with a btrfs subvolume, though you could use a btrfs filesystem inside the encrypted volume. Otherwise, maybe one of the encryption suggestions mentioned here would help?


CLI Paste | How To Ask Questions

Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L

Offline

Board footer

Powered by FluxBB