LINUX LITE 7.2 FINAL RELEASED - SEE RELEASE ANNOUNCEMENTS SECTION FOR DETAILS


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
encrypthome instructions could be clearer
#1
First, kudos for discussing home directory encryption in your manual.

Unlike encrypting during install (which unfortunately doesn't work) encrypting with ecryptfs-migrate-home asks at some point for a "passphrase". It would be nice to know what the length/characters requirements are for this phrase. In the example, the user confirms the phrase with ecryptfs-unwrap-passphrase. A 32-character hexadecimal number displays. Is this the only acceptable format?

I'm a bit confused that the instructions say to run ecryptfs-add-passphrase and enter the login password, but the screen shot shows ecryptfs-add-passphrase requesting the passphrase. Which is it?

I tried reading /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html, but became even more confused. Partway through, it stops talking about "passphrase" and out-of-the-blue talks about "keys". Does passphrase=key or are they two different things?

I've used home directory encryption in Xubuntu before, but the encryption took place during install. I don't recall being asked for a passphrase. Encryption is rather exacting and any mistake could result in completely unrecoverable data. That's why instructions for it really need to be crystal clear.

Having said all this, I must repeat that Linux Lite is the best distro I've encountered for general use on modest machines.
Reply
#2
I just typed in a password and it worked for me.  same one i log in with 8 letters


from the help manual...
ecryptfs-add-passphrase
and enter your login password
Reply
#3
(04-24-2015, 10:24 PM)jcoles link Wrote: Unlike encrypting during install (which unfortunately doesn't work) encrypting with ecryptfs-migrate-home asks at some point for a "passphrase". It would be nice to know what the length/characters requirements are for this phrase. In the example, the user confirms the phrase with ecryptfs-unwrap-passphrase. A 32-character hexadecimal number displays. Is this the only acceptable format?

Just enter a password, any password. The 32 character string is the password you entered, encrypted.

(04-24-2015, 10:24 PM)jcoles link Wrote: I'm a bit confused that the instructions say to run ecryptfs-add-passphrase and enter the login password, but the screen shot shows ecryptfs-add-passphrase requesting the passphrase. Which is it?

What do you mean 'which is it'? The screenshot and the command are identical.

(04-24-2015, 10:24 PM)jcoles link Wrote: I tried reading /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html, but became even more confused. Partway through, it stops talking about "passphrase" and out-of-the-blue talks about "keys". Does passphrase=key or are they two different things?

You're reading more than you need to, this only serves to confuse you further. The Help Manual is all you need, unless you are trying to learn about the process of encrypting.

(04-24-2015, 10:24 PM)jcoles link Wrote: I've used home directory encryption in Xubuntu before, but the encryption took place during install. I don't recall being asked for a passphrase. Encryption is rather exacting and any mistake could result in completely unrecoverable data. That's why instructions for it really need to be crystal clear.

I'm not sure how much clearer they could be. I just ran through the tutorial step-by-step and there was no issue. We hope to have this working (Encrypt Home Drive) in a future version of LL during the install.

(04-24-2015, 10:24 PM)jcoles link Wrote: Having said all this, I must repeat that Linux Lite is the best distro I've encountered for general use on modest machines.

Thank you Smile
Reply
#4
(04-25-2015, 12:30 AM)jerobero500 link Wrote: I just typed in a password and it worked for me.  same one i log in with 8 letters


from the help manual...
ecryptfs-add-passphrase
and enter your login password

Yes, that's what I did, too. But ecryptfs utilities ask for "passphrase". Using the login password as the encryption passphrase is probably what happens when the home directory is encrypted during installation anyway.

I also saved on an SD card the output of ecryptfs-unwrap-passphrase as suggested, even though I don't understand why I would need that if I know my passphrase. With luck, I won't need to recover data from a wrecked system.

Thanks.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)