Home_greyopenFATE - openSUSE feature tracking > #305552
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

Support in YaST for public directories in encrypted home directories

Feature state

Rejected Information
Rejected Information


A follow on feature to #301923. There should be a way in the YaST users module to specify directories to make accessable in an encrypted home directory when the user is not logged in. See Bug #446317. I would suggest an editable list of directories to exclude from the encrypted image, with a reasonable set of defaults. Examples of directories to exclude ~/.vacation, ~/.procmail, ~/.forward, ~/public_html and ~/.ssh




icons/user_comment.png F. J. wrote: (8 years ago)


maybe if not in yast, it could be like in ubuntu a context menu in kde/gnome over files and folders to encrypt them, like in windows too.

So while you are logged they are decrypted to you but when not they are encrypted.


icons/user_comment.png J. E. wrote: (8 years ago)

What's wrong with having a ~/Encrypted subdirectory? You cannot possibly know in advance how many dot-files would need to be readable. To be frank, there are even non-dot-files like ~/public_html that ought to be readable.

icons/user_comment.png J. S. wrote: (8 years ago)

I don't think that this functionality belongs to YaST. It is decission of each individual user which directories he wants to have public and which encrypted, the administrator can hardly decide this for all users.

Please, reevaluate integration into KDE and GNOME instead of YaST.

icons/user_comment.png N. R. wrote: (4 years ago)

You can already do this, if you use "ecryptfs" instead of a loop-mounted encrypted home directory.
Simplest, for most people, is to run "ecryptfs-setup-private" which creates an encrypted subdirectory $HOME/Private

If you want almost everything encrypted, that works too. The "ecryptfs-migrate-home" script sets up an auxilliary directory as "/home/.ecryptfs/$USER". Put files there that you do not want encrypted, and add a symlink to there from both the encrypted home and from home when encrypted is not mounted. On one of my computers, I have ".ssh", "bin", "lib", ".dmrc" and probably a few other files visible when not logged in. Once setup, the individual user can adjust what is visible.

Last change: 4 years ago
Score: 1
  • Negative: 1
  • Neutral: 1
  • Positive: 2
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint