pam_cloop 0.2.0 review

pam_cloop is a PAM module which tries to mount encrypted partitions when you log in. In order to successfully log in, you have to

License: GPL (GNU General Public License) File size: 12K Developer: Max Kellermann

0

pam_cloop is a PAM module which tries to mount encrypted partitions when you log in.

In order to successfully log in, you have to enter your cryptoloop pass phrase in addition to your unix password.

My notebook had my home directory on an encrypted partition since I upgraded to Linux 2.5. It was rather annoying to have to log in as root first, then mount my home, and log in again as my normal user. Everybody's lazy, so am I.

I wrote this module to do that in one step: enter user name, the passphrase, and finally my normal password. No root login required.

By making this easy (but not insecure), I want to motivate myself (and everybody else) to put everything on encrypted devices. There are so many reasons for encryption.

Why not pam_mount.so? pam_mount.so uses a hack to store pass phrases in encrypted files... I won't go into detail here, I only tell you I don't like pam_mount.so. If you find pam_mount.so more appropriate, go ahead.