ecryptfs default config

Damian Ivanov damianatorrpm at gmail.com
Sun Sep 2 13:37:29 UTC 2012


Hi John,

I appreciate your fast answer!
So what can I do to prevent this default behaviour? E.g. if the password
gets changed, data is unreadable unless you have the secret key?
Wouldn't this be a more reasonable default?

Best regards,
Damian

2012/9/2 John Moser <john.r.moser at gmail.com>:
> Yes, that would indicate that there's a key stored somewhere that doesn't
> need a known secret, unless PAM is storing a key and re-crypting it when you
> change passwords (unlikely).
>
>
> On 09/02/2012 09:16 AM, Damian Ivanov wrote:
>>
>> Hi folks,
>>
>> I just did an Ubuntu 12.04 fresh install and I wanted to test
>> something in ecryptfs. So basically I selected during install to
>> require a password to log in and to encrypt the home folder. I logged in and
>> created secret.txt on my desktop and shut down. I booted up again, but
>> in the bootloader I appended init=/bin/bash, booted into the root shell,
>> did a
>> mount -o remount,rw / and passwd $my_user, set a new password and
>> rebooted.  After reboot I logged into the $my_user account with the new
>> password. secret.txt is readable and all other files too. Is this the
>> expected behaviour?! If yes, isn't it better to change the behaviour to
>> something more secure...
>>
>> Regards,
>> Damian
>>
>




More information about the Ubuntu-devel-discuss mailing list