Feature added by: Jan Matejek (matejcik) Feature #323541, revision 1 Title: Drop cryptconfig support from YaST Requested by: Jan Matejek (matejcik) Partner organization: openSUSE.org Description: Yast's Encrypted home directory feature was introduced in fate#253 (yes, that low). The stated purpose was to support a scenario where you don't want to use FDE but still want some measure of protection. This was implemented by creating an encrypted loopback device and mounting it to the user's home directory at login time through PAM. For supporting the configuration, we have a homebrew tool called 'cryptconfig'. https://github.com/openSUSE/cryptconfig The tool is not developed anymore, assumed mostly broken, and AFAICT this feature hasn't worked as far back as SLE 11. We propose to drop the cryptconfig tool from the distribution and remove support from yast2-users. Rationale: * The method of choice doesn't make much sense from a security standpoint. Encrypted data is only protected when the user is logged off, and only from non-root users (root has the power to steal passwords at login) -- which is something standard Unix permissions should normally guarantee you as well. Maybe for data-at-rest (stolen laptop scenario) this is helpful, but that case is covered by FDE. * Using loopback devices sets a limit on the size of the home directory. More modern methods, such as ecryptfs, allow the home directory to take up as much space as it requires. * Cryptconfig is an in-house tool with no community support, and we don't have resources for necessary further development. It is slowly bitrotting away, relying on deprecated PAM modules etc. Replacements: * just use FDE * or implement instead ecryptfs support. According to [1], configuring ecryptfs on SUSE is as simple as installing a package. ecryptfs is also in active development and solves many issues with the security of encrypted loopback devices 1] https://nwrickert2.wordpress.com/2013/04/05/using-ecryptfs-with-opensuse-12-... References: bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=1043410 Business case (Partner benefit): openSUSE.org: We don't have resources to maintain the cryptconfig tool, and the whole method is obsolete anyway. -- openSUSE Feature: https://features.opensuse.org/323541