Differences

This shows you the differences between two versions of the page.

--- computing:encryption [2019/07/20 13:00] – oemb1905
+++ computing:encryption [2024/01/29 18:01] – oemb1905
@@ Line 1: / Line 1: @@
 -------------------------------------------
   * **encryption**
@@ Line 9: / Line 8: @@
 Creating a encrypted partition for your workstation using cryptsetup.
+  sudo apt-get install cryptsetup libpam-mount
   cryptsetup luksFormat /dev/sdaX
   cryptsetup luksOpen /dev/sdaX vault
@@ Line 49: / Line 50: @@
   </dev/mapper/sdb1_crypt /media/vault     xfs    defaults      0     2>
-Okay, reboot and test.  If it fails, boot into recovery mode and comment out the fstab entry until you get everything set up properly.
+Alternately, you may want to let pam_mount manage the crypt mounting and/or map the crypt to your home partition. If you do this, make sure the crypt password matches your user login password.
+  rsync -av /home /backup
+  umount /home/
+  cryptsetup luksFormat /dev/sdaX
+  cryptsetup luksOpen /dev/sdaX home
+  mkfs.xfs -L home /dev/mapper/home
+  mount /dev/mapper/home /home/
+  rsync -av /backup/home/ /home
+  sudo nano /etc/security/pam_mount.conf.xml
+  <volume user="username" fstype="crypt" path="/dev/disk/by-uuid/21sdsd" mountpoint="/home" options="noatime,exec,fsck,nodev,nosuid"/>
+Remove the error "HXproc_run_async: pmvarrun: No such file or directory" by declaring /usr/sbin path for regular users.
+  sudo nano /etc/security/pam_mount.conf.xml
+  <pmvarrun>/usr/sbin/pmvarrun -u %(USER)</pmvarrun>
- --- //[[netcmnd@jonathanhaack.com|oemb1905]] 2019/07/20 06:49//
+ --- //[[jonathan@haacksnetworking.org|oemb1905]] 2024/01/29 17:55//

Haack's Wiki

User Tools

Site Tools

Differences

Page Tools