From owner-freebsd-questions@FreeBSD.ORG Wed Mar 22 08:51:42 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C226316A422 for ; Wed, 22 Mar 2006 08:51:42 +0000 (UTC) (envelope-from kralph@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A0D343D60 for ; Wed, 22 Mar 2006 08:51:40 +0000 (GMT) (envelope-from kralph@gmail.com) Received: by zproxy.gmail.com with SMTP id 16so108558nzp for ; Wed, 22 Mar 2006 00:51:39 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=aud28wgdKetfGV5oHflQ6amZduF6+DMKfbkl2MKPuFQ8tVciK9wa9xpXlofeDMg/MwF9awqEPKdsQHJ2D2a+bs0Bgg1QQC+bPMvRsPegnfUGqHis7ngke/6LUcjYjNIm7qIErzbevZIrZUwnB2B6Wo5/FAEt9FG3s0cfF/CwXyw= Received: by 10.65.74.16 with SMTP id b16mr417308qbl; Wed, 22 Mar 2006 00:51:39 -0800 (PST) Received: by 10.65.253.17 with HTTP; Wed, 22 Mar 2006 00:51:39 -0800 (PST) Message-ID: <13d4d6bb0603220051x49fdb302v32bc501a81cb9a99@mail.gmail.com> Date: Wed, 22 Mar 2006 00:51:39 -0800 From: "Kenyon Ralph" To: "Erik Norgaard" In-Reply-To: <44210DFC.6000308@locolomo.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <44210DFC.6000308@locolomo.org> Cc: freebsd-questions@freebsd.org Subject: Re: encrypted drives X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Mar 2006 08:51:42 -0000 On 3/22/06, Erik Norgaard wrote: > 2) One thing is to create an entire encrypted device for /home. But that > have the unfortunate consequence that other user's data is unencrypted > once the system is up. > > What would be more appropriate is a solution where each home-dir is an > encrypted mfs which is decrypted and mounted when the user log in, is > this possible? I think this is exactly what Mac OS X does with its FileVault feature.