Using USB key as real home and possible encryption?

Jamon Camisso jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Sun Apr 27 16:06:37 UTC 2014


On 04/26/2014 11:06 PM, Walter Dnes wrote:
>   Let's say I want to go travelling with my laptop, and I don't want to
> lose confidential stuff if I lose the laptop.  64 and 128 gigabyte USB
> keys are now available.  I intend to...
> 
> * set up an innocuous /home/waltdnes directory on the laptop
> * format a 64 or 128 gigabyte USB key as ext2fs
> * copy the contents of my desktop's /home/waltdnes directory to the key
> * when I want to use the "desktop $HOME dir", I'll mount the USB key over
>   top of /home/waltdnes, e.g...
>   mount -t ext2 /dev/sdb1 /home/waltdnes

You want to be absolutely certain that the permissions on unmounted
/home/waltdnes are something like 555 or even more restrictive. This
permission set will ensure that if the mount point fails e.g. you knock
your USB stick loose, or yank it out, or forget to mount it etc., that
no writes will accumulate in the unmounted /home/waltdnes directory.

This is critical because if you don't notice such a failure, nothing
gets written to the underlying unencrypted mount point.

On mount, the permissions of contained directories and files are then
used if you use ext4.

If you have an issue with mismatched uid/gid across the USB key and
different systems, you can use bindfs (http://bindfs.org/) to map your
systems' uid/gid to the filesystem's.

Cheers, Jamon
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list