Hi, Am 19.03.2012 04:33, schrieb David Li: > 2. On each subsequent boot, how would I let dm-crypt to > automatically retrieve the passphrase once the user logins into the system. > Assume that the passphrase has been stored on the same server to store the > root fs. I don't want to force him to type in the LUKS passphrase again to > unlock the partitions. As Arno said, this is not secure at all. However, one can use the login password of the user (which is typed in anyway), either directly or indirectly. For example the gnome-keyring can securely store passwords and is decrypted automatically on login without an additional password. It might be easier for you to use ecryptfs, though. This does what you want by default (per-user encryption with no additional password to enter), you just need to set up an encrypted directory once for each user (could probably be automated). Of course, this is only secure if the login password is strong and the system and its administrator can be trusted. Greetings, Philipp _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
