Mailinglist Archive: opensuse-factory (1165 mails)
Re: [opensuse-factory] dist meeting minutes 2006-11-16
- From: mhilzinger@xxxxxxxxxxxxxxxx (Marcel Hilzinger)
- Date: Fri, 17 Nov 2006 17:04:51 +0100
- Message-id: <20061117160452.7D9EE74F4D@xxxxxxxxxxxxxxxxxxxxxxx>
On Fri, Nov 17, 2006 at 11:58:53AM +0100, Andreas Jaeger wrote:
>
> FYI, here're the minutes from our discussion. I hope to see this for
> 10.3...
>
> Andreas
>
> Topic: Encrypted Home Directories
>
> * Main new feature: Per user encrypted home
>
> * Proposal:
> - Enable per user encrypted home partitions (using pam_mount)
> - use dm-crypt + LUKS as default instead of cryptoloop
>
> Challenges + Problems:
>
> * currently KDM accesses home directory before authentication (after
> user name is known) to get information about the last session. With an
> encrypted home partition this needs changes in the logic.

What about encrypting ~/Documents only by default? Other directories
could be added by the user easily.

Mandriva has a very smart way and a nice GUI. The encrypted folder is
loop-mounted over the same folder. So you have
/home/joe/secret (which is a dm-crypt container)
/home/joe/secret (which shows the unencrypted content after giving the
right password).

Ideally Konqueror/Nautilus should ask automatically for a passphrase when
clicking on an encrypted container.

Of course it would be nicer to have full /home encrypted.

>
> * For ssh-key it's a problem to read the key files since they are
> stored in the home directory, only password authentication would
> work.
>
> * Other programs might read the home directory, like procmail. We have
> to check which other programs do this and decide how to handle this,
> e.g. a shadow home directory (or union filesystems) for procmail,
> secret keys...
>
> * Backup software is a challenge, users want encrypted backups.
>
> * Manually mounting via /etc/fstab is not possible currently with
> dm-crypt, other distributions use /etc/fscrypttab or we would need
> to add extra support to allow this with /etc/fstab.
>
> Use-case: A separate encrypted partition with secret data that is
> only mounted manually if needed by the user and then unmounted
> again.
>
> * On-the-fly upgrade would be fine. Unfortunately dm-crypt uses two
> extra blocks so this cannot be done without losing data.
>
> * 10.2 has all the basic support for dm-crypt and LUKS but it's not
> integrated.
>
> * Linux supports only 255 loopback mounts, so this limits the
> maximum of users that can be logged in at the same time.
>
> * FUSE and encrypted single files would be an option as well but there
> are some drawbacks with it.
>
> * Use case: Laptop stolen or taken away. If one user is compromised,
> not all should be compromised.
>
> * Masterkey that is encrypted by the user's login, so that only one
> password is needed to log in.
>
> * screensaver issues (just close the lid)
> What happens with a locked screen and laptop taken away still running?
>
> * suspend to disk
> How to handle suspend to disk? Umount before suspend and remount later?
>
> Changes for this:
>
> YaST changes:
> * support dm-crypt by default for new installations in yast2-storage
> * during user creation allow creation of encrypted home directories
> * During update: Support old cryptoloop partitions and allow new
> installations.
>
> Base system changes:
> * Using pam_mount
> * Enable dm-crypt in boot.crypto
> * Handle /etc/fstab unless to not regress
> * Migration programs to migrate from cryptoloop to dm-crypt
>
>
> Andreas
> --
> Andreas Jaeger, aj@xxxxxxx, http://www.suse.de/~aj/
> SUSE Linux Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
> GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
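
The master-key idea from the minutes (a per-user volume key encrypted under the login password), sketched as an added example that is not part of the original thread and not LUKS or pam_mount code. The function names, the iteration count and the HMAC-based keystream standing in for a real block cipher are assumptions made so the sketch runs with the Python standard library only.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch

def _kek(password: str, salt: bytes) -> bytes:
    # 64 bytes: first half keys the keystream, second half keys the MAC.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               ITERATIONS, dklen=64)

def _keystream(key: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode; a stand-in for AES, not for production.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap(master_key: bytes, password: str) -> dict:
    """Encrypt the volume master key under a key derived from the login."""
    salt = os.urandom(16)  # fresh salt, so the keystream is never reused
    k = _kek(password, salt)
    ct = bytes(a ^ b for a, b in
               zip(master_key, _keystream(k[:32], len(master_key))))
    tag = hmac.new(k[32:], salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}

def unwrap(slot: dict, password: str) -> bytes:
    """Recover the master key; reject a wrong password before decrypting."""
    k = _kek(password, slot["salt"])
    expected = hmac.new(k[32:], slot["salt"] + slot["ct"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        raise ValueError("wrong password or damaged key slot")
    return bytes(a ^ b for a, b in
                 zip(slot["ct"], _keystream(k[:32], len(slot["ct"]))))

def change_password(slot: dict, old: str, new: str) -> dict:
    # Only the small wrapped key is rewritten; the encrypted home stays as is.
    return wrap(unwrap(slot, old), new)
```

Because each user's home has its own random master key and its own wrapped slot, learning one user's login password yields only that user's key, which is the "if one user is compromised, not all" property listed in the minutes.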