Posted Mar 27, 2012 17:21 UTC (Tue) by jspaleta (subscriber, #50639)
In reply to: Passwords in home? by phajdan.jr
Parent article: Shadow hardening
As to 1)
There is already a similar real-world situation with ssh keys.
Normally ssh keys are handled in a per-user fashion and are stored in $HOME/.ssh/ on a traditional multi-user Linux distribution.
On Linux distributions which encourage the use of ecryptfs for home directories, the default ssh configuration which looks for ssh keys stored in $HOME/.ssh/ no longer works if the user is not already logged in via another means. Password login via ssh still works (if it's enabled) because the pam stack for ssh is looking at the systemwide passwd/shadow information. If the user password was in the home directories, then ecryptfs-like encryption of home directories would have to be re-engineered.