Re: Unusual LUKS setup
On Wed, Aug 16, 2017 at 09:48:23AM +0200, Bastien Durel wrote:
> Le lundi 14 août 2017 à 17:35 +0200, Nicolas George a écrit :
> > Le septidi 27 thermidor, an CCXXV, Bastien Durel a écrit :
> > > You don't. pam_mount will ask you for your password (after ssh
> > > authentication) if you didn't provided one
> > Thanks for the clarification. If you are right, then you probably
> > should
> > file a bug report for outdated documentation.
> > But still, "UsePrivilegeSeparation no" is a deal breaker on its own.
> > Regards,
> In my setup (openssh 7.5), there is no UsePrivilegeSeparation setting,
> it's on by default. And pam_mount is able to mount my encrypted
> partitions when I log via SSH.
If you need Goliath-OS compatible volumes, a year or so ago I managed
to script Veracrypt for a friend's "home" folder (forgotten what
that's even called on Windows sorry), and so they feel safe to be
able to 'upgrade' to any real operating system in the future.