Mailinglist Archive: opensuse-features (54 mails)

< Previous Next >
[New: openFATE 323541] Drop cryptconfig support from YaST
Feature added by: Jan Matejek (matejcik)

Feature #323541, revision 1
Title: Drop cryptconfig support from YaST

Requested by: Jan Matejek (matejcik)
Partner organization:

Yast's Encrypted home directory feature was introduced in fate#253 (yes, that
low). The stated purpose was to support a scenario where you don't want to use
FDE but still want some measure of protection.

This was implemented by creating an encrypted loopback device and mounting it
to the user's home directory at login time through PAM. For supporting the
configuration, we have a homebrew tool called 'cryptconfig'.

The tool is not developed anymore, assumed mostly broken, and AFAICT this
feature hasn't worked as far back as SLE 11.

We propose to drop the cryptconfig tool from the distribution and remove
support from yast2-users.

* The method of choice doesn't make much sense from a security standpoint.
Encrypted data is only protected when the user is logged off, and only from
non-root users (root has the power to steal passwords at login) -- which is
something standard Unix permissions should normally guarantee you as well.
Maybe for data-at-rest (stolen laptop scenario) this is helpful, but that case
is covered by FDE.
* Using loopback devices sets a limit on the size of the home directory. More
modern methods, such as ecryptfs, allow the home directory to take up as much
space as it requires.
* Cryptconfig is an in-house tool with no community support, and we don't have
resources for necessary further development. It is slowly bitrotting away,
relying on deprecated PAM modules etc.
* just use FDE
* or implement instead ecryptfs support. According to [1], configuring ecryptfs
on SUSE is as simple as installing a package. ecryptfs is also in active
development and solves many issues with the security of encrypted loopback


Business case (Partner benefit): We don't have resources to maintain the cryptconfig tool, and the
whole method is obsolete anyway.

openSUSE Feature:

< Previous Next >
List Navigation
This Thread
  • No further messages
Follow Ups