Dear Fedora Developers

I want to be able to click a tickybox in anaconda/live-cd when setting up my home partition:

[X] Encrypt home directory

And then for everything to just unlock when I enter my login password at GDM. Why am I drowning in concepts like dm-script, pam, cryptsetup and all that other geeky stuff for something so trivial? If you do this I'll be happier than a dog with two thingies.

One response to “Dear Fedora Developers”

  1. Anonymous

    We're working on some bits for easier file system (well, really block device) encryption for Fedora 9 that will basically boil down to [X] Encrypt and protect data that then prompts you to unlock at boot. First anaconda bits landed about a week ago, but there's still quite a bit more work to do. The problem with the “encrypt my home directory” case is that all of the encryption solutions are block device based. And a separate block device per user home directory just doesn't scale. Growing and shrinking filesystems online sucks (ie, you can't shrink) and you can't know a priori how much space each user is going to need. So blah, losing. eCryptFS is somewhat promising as an overlay filesystem, but alas, not nearly ready and progress is slow on things like separate encryption keys per fs subtree and allowing things like a ~/Public which _isn't_ encrypted (so that it can be access by apache which won't have access to your keyring and thus wouldn't be able to decrypt it)

Bad Behavior has blocked 2769 access attempts in the last 7 days.