Comments on: Encrypted home on Ubuntu using cryptoloop http://www.felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/ A little bit of technology, security and networking with Linux, FreeBSD and Mac OS X, plus some personal opinions. Tue, 02 Feb 2010 09:15:52 -0700 http://wordpress.org/?v=2.9.2 hourly 1 By: relet http://www.felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/comment-page-1/#comment-36674 relet Sat, 02 Aug 2008 10:55:20 +0000 http://felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/#comment-36674 If you suddenly cannot execute files on your encrypted disk anymore, remove the "user" option from /etc/security/pam_mount.conf.xml in the last few lines. It overrides the exec option, effectively mounting your drive as "noexec". You will receive errors like: bash: ./executable: Permission denied. also, /usr/bin/env will fail to execute python and other scripts correctly. If you suddenly cannot execute files on your encrypted disk anymore, remove the “user” option from /etc/security/pam_mount.conf.xml in the last few lines. It overrides the exec option, effectively mounting your drive as “noexec”. You will receive errors like:
bash: ./executable: Permission denied.
also, /usr/bin/env will fail to execute python and other scripts correctly.

]]> By: Dany Chouinard http://www.felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/comment-page-1/#comment-36497 Dany Chouinard Mon, 07 Jan 2008 16:40:30 +0000 http://felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/#comment-36497 Nice tutorial, was great help for me. I used it to complement a linuxmagazine tutorial (august 2003 : Implementing Encrypted Home Directories by Mike Petullo). I was just wondering, Have you figured what to if the user change it's password (which he does every 6-8 month, of course, isn't it?). Nice tutorial, was great help for me. I used it to complement a linuxmagazine tutorial (august 2003 : Implementing Encrypted Home Directories by Mike Petullo).

I was just wondering, Have you figured what to if the user change it’s password (which he does every 6-8 month, of course, isn’t it?).

]]> By: ravn http://www.felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/comment-page-1/#comment-36494 ravn Thu, 03 Jan 2008 17:28:45 +0000 http://felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/#comment-36494 Without having tried, would it be possible to encrypt the file system with another password than the user password? Having the same password stored in two places, /etc/shadow and USER.key makes it more vulnerable. Without having tried, would it be possible to encrypt the file system with another password than the user password? Having the same password stored in two places, /etc/shadow and USER.key makes it more vulnerable.

]]> By: Kalisto http://www.felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/comment-page-1/#comment-35746 Kalisto Wed, 30 May 2007 12:43:36 +0000 http://felipe-alfaro.org/blog/2006/08/19/encrypted-home-on-ubuntu-using-cryptoloop/#comment-35746 Great Tutorial!! btw # echo “@include common-pammount” >> /etc/pam.d/common-auth # echo “@include common-pammount” >> /etc/pam.d/common-session should be: # echo @include common-pammount >> /etc/pam.d/common-auth # echo @include common-pammount >> /etc/pam.d/common-session and: echo “volume ${USER} auto - /home/${USER}.img /home/${USER} loop,user,exec,encryption=aes,keybits=${KEYSIZE} aes-${KEYSIZE}-ecb /home/${USER}.key” >> /etc/security/pam_mount.conf should be: echo volume ${USER} auto - /home/${USER}.img /home/${USER} loop,user,exec,encryption=aes,keybits=${KEYSIZE} aes-${KEYSIZE}-ecb /home/${USER}.key >> /etc/security/pam_mount.conf Also there is a bug with ubuntu and pam mount: https://bugs.launchpad.net/ubuntu/ source/libpam-mount/ bug/117736 Great Tutorial!! btw

# echo “@include common-pammount” >> /etc/pam.d/common-auth
# echo “@include common-pammount” >> /etc/pam.d/common-session

should be:

# echo @include common-pammount >> /etc/pam.d/common-auth
# echo @include common-pammount >> /etc/pam.d/common-session

and:
echo “volume ${USER} auto – /home/${USER}.img /home/${USER} loop,user,exec,encryption=aes,keybits=${KEYSIZE} aes-${KEYSIZE}-ecb /home/${USER}.key” >> /etc/security/pam_mount.conf

should be:
echo volume ${USER} auto – /home/${USER}.img /home/${USER} loop,user,exec,encryption=aes,keybits=${KEYSIZE} aes-${KEYSIZE}-ecb /home/${USER}.key >> /etc/security/pam_mount.conf

Also there is a bug with ubuntu and pam mount:
https://bugs.launchpad.net/ubuntu/ source/libpam-mount/ bug/117736

]]>