Encrypted Home Directory

16 Jan, 2006

I finally set up my laptop to use an encrypted home directory. This was easy enough using dm-crypt and LUKS for loopback mounting a file to use as my home dir. I simply followed Rene Mayrhofer's short HOWTO.

This solution is a little bit hackish. When I log in and out from X, it does not seem to unmount the loopback device,log in from SSH is not possible (no support in libpam-mount), etc. I was also not surprised to find out that it is about three times slower than normal. (This is of course a very old computer, 333 MHz. A modern machine should be considerably faster).

Since only my home dir is encrypted, application startup time is not affected. I will use this setup for a while and see if it becomes painful or not. Either way, I will probably choose another solution (less hackish) in the future.

Edit. It seems the trouble I had with unmouting after using GDM was a configuration error in /etc/pam.d/gdm and as I don't run SSH by default on this machine, that is a very small problem.

Tags: debian, howto,