On Fri, 30 Mar 2018 15:22:35 -0400 Neal Becker <ndbecker2@xxxxxxxxx> wrote: > I want to move my /home to encryption. One possibility seems to be to use > ecryptfs. I tried creating a test user, and the following: > https://cloud-ninja.org/2014/04/05/fedora-encrypting-your-home-directory/ > (following "easy way" instructions). If this is easy, I don't want to know what you think is difficult ... :) But seriously, and in short: I can post here precise instructions on how to create a fully encrypted container in /home with luks/cryptsetup. That is, I did that myself, ~ ten years ago, and wrote down notes on exactly what I did to realize that container. I will post the commands I ran, with very few comments about what the single commands mean. You can determine the size of the container according to your needs, limited only by the size of the partition where /home is sitting. That is, this container will take only a limited part of the whole size of /home. As I understand your whole OS is living on a single partition: so the container size might be limited only by the size of this partition, and your needs for the rest of / ... I filled the container with an ext3 FS. I think ext4 should be no problem nowadays ... no idea whether this approach is reasonable on Btrfs. Practically this means you'll have to enter a password to open the encrypted container every time *after* logging in to /home if you want to see the data in it. It also means your data on that container will remain encrypted the moment you shutdown the disk with that encrypted container on it. I used that approach for years successfully. Interested in how to do it? -- Wolfgang Pfeiffer _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
