I just ran across a PAM module, pam_mount, and a patch for it which implements encrypted home directories. For example, an encrypted filesystem, call it /home/mike.img, could be mounted by PAM at /home/mike at login time and automatically unmounted upon logging out. I think this PAM module goes far to solve TODO problem number two on kerneli.org, "Security against theft of Linux machines." As a PAM module, it does so in a bit cleaner way than the login patch provided by the folks at grsecurity (http://www.grsecurity.net). I've been looking for a solution like this and was very excited to find pam_mount. However, I have not been able to find a valid email address for the author of either the module or the encrypted home directory patch. As far as I can tell pam_mount has not been worked on since late in 2001. Perhaps one of them is on this mailing list. Do any of you have any experience with this code? I really like it and would be willing to become its new maintainer if necessary. -- Mike :wq - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
