Hi Andreas,
I'm sorry, if these are the changes that you would like to commit in 10.3, can you consider adding support for the apt repository? I ask this because in my community (www.suseitalia.org) there are a lot of people that use apt4rpm, and I saw that in 10.1 yast can use the YUM sources, and we think that apt is better than yum.
Thanks for your consideration.
Vincenzo
FYI, here're the minutes from our discussion. I hope to see this for
10.3...
Andreas
Topic: Encrypted Home Directories
* Main new feature: Per user encrypted home
* Proposal:
- Enable per user encrypted home partitions (using pam_mount)
- use dm-crypt + LUKS as default instead of cryptoloop
Challenges + Problems:
* Currently KDM accesses the home directory before authentication (after
the user name is known) to get information about the last session. With
an encrypted home partition this needs changes in the logic.
* For ssh keys it's a problem to read the key files since they are
stored in the home directory, only password authentication would
work.
* Other programs might read the home directory, like procmail. We have
to check which other programs do this and decide how to handle this,
e.g. a shadow home directory (or union filesystems) for procmail,
secret keys...
* Backup software is a challenge, users want encrypted backups.
* Manually mounting via /etc/fstab is not possible currently with
dm-crypt, other distributions use /etc/fscrypttab or we would need
to add extra support to allow this with /etc/fstab.
Use-case: A separate encrypted partition with secret data that is
only mounted manually if needed by the user and then unmounted
again.
* On-the-fly upgrade would be fine. Unfortunately dm-crypt uses two
extra blocks so this cannot be done without losing data.
* 10.2 has all the basic support for dm-crypt and LUKS but it's not
integrated.
* Linux supports only 255 loopback mounts, so this limits the
maximum of users that can be logged in at the same time.
* FUSE and encrypted single files would be an option as well but there
are some drawbacks with it.
* Use case: Laptop stolen or taken away. If one user is compromised,
not all should be compromised.
* Masterkey that is encrypted by the users login, so that only one
password is needed to login.
* screensaver issues (just close the lid)
What happens with a locked screen and laptop taken away still running?
* suspend to disk
How to handle suspend to disk? Umount before suspend and remount later?
Changes for this:
YaST changes:
* support dm-crypt by default for new installations in yast2-storage
* during user creation allow creation of encrypted home directories
* During update: Support old cryptoloop partitions and allow new
installations.
Base system changes:
* Using pam_mount
* Enable dm-crypt in boot.crypto
* Handle /etc/fstab unless to not regress
* Migration programs to migrate from cryptoloop to dm-crypt
Andreas
--
Andreas Jaeger, aj@suse.de, http://www.suse.de/~aj/
SUSE Linux Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126