Answer the question
In order to leave comments, you need to log in
P
P
Pavel2021-11-12 11:38:47
Pavel, 2021-11-12 11:38:47
If the home folder is encrypted, can data still be stolen?
I installed kubuntu for myself, encrypted the home folder according to the instructions
https://losst.ru/shifrovanie-domashnej-papki-v-ubuntu
, if I boot from a live cd, you can see that there are 2 files inside the folder, that is, there is nothing available and everything is buzzing, but!
if someone gains access to a PC and through the same live cd enters and resets the root password, will he get access to the encrypted data?
5 answer(s)
@CityCat4
What for? So who are you trying to protect yourself from?
From a wife / husband / neighbor - it doesn’t make much sense, unless you live in a hostel.
From the employer when remote - well, maybe there is some sense ...
From the employer in the office, from the state - there is no point, since no one will break your "protection". They will break you.
Encryption of file systems has nothing to do with the user's password. It is performed either by a password entered from the keyboard (often not stored anywhere - if the password is forgotten, given to piz..c), or by a certificate that can be stored somewhere - and if you know where to steal it, you can decrypt it.
@zkrvndm
@PleasantNews
@vitaly_il1
As far as I understand, no - since you need a password for decryption, just logging in as this user is not enough.
@AlexVWill
C
CityCat4, 2021-11-12 @CityCat4
encrypted the home folder according to the instructions
What for? So who are you trying to protect yourself from?
From a wife / husband / neighbor - it doesn’t make much sense, unless you live in a hostel.
From the employer when remote - well, maybe there is some sense ...
From the employer in the office, from the state - there is no point, since no one will break your "protection". They will break you.
Encryption of file systems has nothing to do with the user's password. It is performed either by a password entered from the keyboard (often not stored anywhere - if the password is forgotten, given to piz..c), or by a certificate that can be stored somewhere - and if you know where to steal it, you can decrypt it.
N
Nadim Zakirov, 2021-11-12 @zkrvndm
They can, since now all processors contain hardware backdoors, this is not to mention the fact that the Linux kernel can also have backdoors, i.e. there is no absolute protection.
I
Immanuil Motorcycles, 2021-11-12 @PleasantNews
Once, Edik Snowden told the whole world that even encrypted folders on Google.Docs are not a fig not encrypted inside their own. clouds and drew a picture on a napkin. The bottom line is that Edik had nothing to do with encryption, and encryption is different from encryption.
In this case, not files are encrypted, but the file system itself, a password and a key are used. So, even if the admin comes in and resets the root, he will not "reset" the file system encoding - he will just have something unreadable there in the "Admin_durak" folder
.
PS: well, only the processor backdoor on asm can help out [sarcasm]
V
Vitaly Karasik, 2021-11-12 @vitaly_il1
if someone gains access to a PC and through the same live cd enters and resets the root password, will he get access to the encrypted data?
As far as I understand, no - since you need a password for decryption, just logging in as this user is not enough.
A
AlexVWill, 2021-11-30 @AlexVWill
no, it won’t get it without keys... eCryptfs is basically a good thing, but inconvenient, it’s more convenient to make a separate LUKS partition and put the Home folder there, and if you need to store some work data, for example, large files, then it’s better to use VeraCrypt
Similar questions
S
H
D
J
B
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question