Encrypted home partition accessible by administrator
clanlaw at gmail.com
Tue Apr 23 10:12:36 UTC 2019
On Tue, 23 Apr 2019 at 08:41, <J.Witvliet at mindef.nl> wrote:
> Often one needs tot think about WHAT you are protecting against WHO, at WHICK costs....
> It is possible to encrypt your entire home directory of a specific user,
> And requiring him to provide an additional passphrase or PIN after the user logs in,
> Thus protecting its content not only against other users, even against the root-user.
Can you point me to instructions on doing that please? The usual
instructions do not appear to include the provision of an additional
> However, the moment the directory is mounted, root still has access to it, as long the user is logged in.
Understood, I think I can cope with that issue separately.
> It might be wiser to add additional layers of obfuscation, like a second (nested vault) that is only opened as long the user needs any of the files in it (during read or write)
> And one might encrypt each individual file...
I will look into those options.
More information about the ubuntu-users