help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

How to create /home/user backed by LUKS device decrypted on login


From: Dr. Arne Babenhauserheide
Subject: How to create /home/user backed by LUKS device decrypted on login
Date: Mon, 01 Mar 2021 02:39:06 +0100
User-agent: mu4e 1.4.15; emacs 27.1

Hi,

The manual describes how to setup an encrypted root[1], but I got lost
trying to find out how to setup a user such that the device is opened at
login (with a prompt for the password) and closed at logout.

I need the --allow-discards option to cryptsetup open, to be
equivalent to the following:

    sudo cryptsetup open --allow-discards --type luks /dev/nvmeXnXp1 my-user

I need the user-home to be encrypted, i.e.
    
    mount LABEL=my-user /home/my-user

I’d like to set this in my /etc/config.scm but currently I have to
decrypt before logging in.

[1]: 
https://guix.gnu.org/manual/en/html_node/Keyboard-Layout-and-Networking-and-Partitioning.html
https://guix.gnu.org/manual/en/html_node/Mapped-Devices.html

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]