| Gordon Dexter on 10 Jan 2011 22:06:01 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Alternate /home (new topic) |
[KSB2] Yes, that's all there is to it! A /home with innocuous home2011/1/10 Art Alexion <art.alexion@gmail.com>:
> On Mon, Jan 10, 2011 at 1:29 PM, K.S. Bhaskar <bhaskar@bhaskars.com> wrote:
>> 2011/1/10 Art Alexion <art.alexion@gmail.com>:
>>> On Sun, Jan 9, 2011 at 2:09 PM, K.S. Bhaskar <bhaskar@bhaskars.com> wrote:
>>>> I always set up a system with two alternate root partitions.
>>>>
>>>> Once I set up the initial root partition, I copy it over to another
>>>> partition mounted as /spare. Getting it to mount requires some minor
>>>> editing of /etc/fstab and grub setup. Each mounts the other as
>>>> /spare. I confirm that I can boot both. Then I boot the alternate
>>>> root only occasionally, just to verify that it's still sound. Now, if
>>>> I have some software updates go awry, or a version upgrade that fails,
>>>> I just switch to the alternate root (and as likely as not make it my
>>>> main root and recreate the original root from it).
>>>>
>>>> I always set up an encrypted /home. But I configure my PC so that I
>>>> can login without /home mounted. When I cross an international border
>>>> with my laptop, I always cross it with the laptop powered down. Then
>>>> if I am asked to boot it, I boot it, and can login - but it will be an
>>>> innocuous /home, not my real /home (not that I have ever been asked to
>>>> boot my laptop - just a sensible precaution, IMHO). To mount the
>>>> encrypted /home, I login as root and run a shell script:
>>>
>>>> In these days of monster disks, I usually have the fourth partition
>>>> mounted as /extra from both roots. I use this for anything that I am
>>>> working on that doesn't need to be encrypted (e.g., since the software
>>>> I work with, GT.M, is FOSS, I don't need an encrypted development
>>>> environment for it.
>>>
>>> I really like this idea. I understand that your shell script switches
>>> between homes, but how did you set it up in the first place?
>>
>> [KSB] Art, I don't quite understand the question. Are you asking how
>> I initially create a /home? Or how I mount /home when I boot the
>> laptop?
>
> I guess I am trying to understand the setup. Is is simply a matter of
> multiple homes associated with multiple users, one innocuous, and the
> important one encrypted, or is it more than that?
directories and an encrypted /home with "real" home directories. It
won't fool an expert for more than thirty seconds, but that's not my
intent (if I had data that I really wanted to hide, I wouldn't carry
it with me in the first place). The most likely scenario is being
asked to boot my laptop at a border somewhere for a cursory
examination, and I expect that my scheme will get me past that sort of
check.
Regards
-- Bhaskar
--
Windows does to computers what smoking does to humans
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug