FYI, here're the minutes from our discussion. I hope to see this for 10.3...

Andreas

Topic: Encrypted Home Directories

* Main new feature: Per user encrypted home
* Proposal:
  - Enable per user encrypted home partitions (using pam_mount)
  - use dm-crypt + LUKS as default instead of cryptoloop

Challenges + Problems:
* Currently KDM accesses the home directory before authentication (after
  the user name is known) to get information about the last session. With
  an encrypted home partition this needs changes in the logic.
* For ssh-key it's a problem to read the key files since they are stored
  in the home directory, only password authentication would work.
* Other programs might read the home directory, like procmail. We have to
  check which other programs do this and decide how to handle this,
  e.g. a shadow home directory (or union filesystems) for procmail,
  secret keys...
* Backup software is a challenge, users want encrypted backups.
* Manually mounting via /etc/fstab is not possible currently with
  dm-crypt, other distributions use /etc/fscrypttab or we would need to
  add extra support to allow this with /etc/fstab.
  Use-case: A separate encrypted partition with secret data that is only
  mounted manually if needed by the user and then unmounted again.
* On-the-fly upgrade would be fine. Unfortunately dm-crypt uses two
  extra blocks so this cannot be done without losing data.
* 10.2 has all the basic support for dm-crypt and LUKS but it's not
  integrated.
* Linux only supports 255 loopback mounts, so this limits the maximum
  number of users that can be logged in at the same time.
* FUSE and encrypted single files would be an option as well but there
  are some drawbacks with it.
* Use case: Laptop stolen or taken away. If one user is compromised,
  not all should be compromised.
* Masterkey that is encrypted by the user's login, so that only one
  password is needed to login.
* screensaver issues (just close the lid)
  What happens with a locked screen and laptop taken away still running?
* suspend to disk
  How to handle suspend to disk? Umount before suspend and remount later?

Changes for this:

YaST changes:
* support dm-crypt by default for new installations in yast2-storage
* during user creation allow creation of encrypted home directories
* During update: Support old cryptoloop partitions and allow new
  installations.

Base system changes:
* Using pam_mount
* Enable dm-crypt in boot.crypto
* Handle /etc/fstab unless to not regress
* Migration programs to migrate from cryptoloop to dm-crypt

Andreas
--
Andreas Jaeger, aj@suse.de, http://www.suse.de/~aj/
SUSE Linux Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126