Dear Wiki user, You have subscribed to a wiki page or wiki category on "Fedora Project Wiki" for change notification. The following page has been changed by PatrickErnzer: http://fedoraproject.org/wiki/Docs/Beats/FileSystems?action=diff&rev2=14&rev1=13 The comment on the change is: added an example of how to have encrypted /home ------------------------------------------------------------------------------ * Create a filesystem on the encrypted volume * Set up an `/etc/fstab` entry + Here is an example of changing one's existing `/home` to be encrypted. The following procedure will wipe all your existing data, so be sure to have a '''tested''' backup before you start. This also requires you to have a separate partition for `/home` (in my case that is `/dev/VG00/LV_home`). All the following must be done as '''root'''. Any of these steps failing means you must not continue until the step succeeded. + * enter runlevel1: {{{telinit 1}}} + * unmount your existing ''/home'': {{{umount /home}}} + * if it fails use ''fuser'' to find and kill processes hogging `/home`: {{{fuser -mvk /home}}} + * verify ''/home'' is not mounted any longer: {{{cat /proc/mounts | grep home}}} + * fill your partition with random data: {{{dd if=/dev/urandom of=/dev/VG00/LV_home}}} + * you're looking at a process that takes many hours, but it is imperative to do this in order to have good protection against break-in attempts. Just let it run overnight. + * initialise your partition: {{{cryptsetup --verbose --verify-passphrase luksFormat /dev/VG00/LV_home}}} + * open the newly encrypted device: {{{cryptsetup luksOpen /dev/VG00/LV_home home}}} + * check it's there: {{{ls -l /dev/mapper | grep home}}} + * create a filesystem: {{{mkfs.ext3 -j /dev/mapper/home}}} + * mount it: {{{mount /dev/mapper/home /home}}} + * check it's visible: {{{df -h | grep home}}} + * add the following to ''/etc/crypttab'': {{{home /dev/VG00/LV_home none}}} + * edit your ''/etc/fstab'', removing the old entry for ''/home'' and adding {{{/dev/mapper/home /home ext3 defaults 1 2}}} + * verify your fstab entry: {{{mount /home}}} + * reboot: {{{shutdown -r now}}} + + If all goes well with your ''/etc/crypttab'' entry, you will be asked your '''luks''' passphrase on boot. Log in as root and restore your backup. + -- Fedora-relnotes-content mailing list Fedora-relnotes-content@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-relnotes-content
