Fedora Security :: How To Secure Home Folder
Mar 19, 2010How to secure the Home folder. I forgot what the script was?
Something like chmod 0700 $HOME. Is that right? I'm just not sure.
How to secure the Home folder. I forgot what the script was?
Something like chmod 0700 $HOME. Is that right? I'm just not sure.
I don't use the Trash bin because it does not really delete things,speaking from a security point Instead, I gotten used to 'shred' and 'secure-delete' .But to move around files, cut-n-paste is very handy.And I was wandering if items from the Clip get stored somewhere ?i realize that they get overwritten again and again in the clipboard but do they also get stored somewhere else?
View 9 Replies View RelatedI'm using lucid desktop edition, and I need to encrypt my home folder, but I didn't mark that option in the fresh instalation of lucid. I'd like the login screen to ask for the password and then decrypt my files.Is it possible to do without erasing my user?
View 2 Replies View RelatedI'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
I have just installed Ubuntu Jaunty (I do not like Karmic, please don't try to make me upgrade) and after installing all my programs I realized I did not encrypt my home directory.
I know it's very simple to do this during the installation but I can't seem to find an option to do it after it.
Is there a way to do this?
I just installed 9.10 on my laptop and selected the option for home folder encryption. I am running DropBox and placed the DropBox folder on my desktop (meaning it should be encrypted when I am logged out.) So I have two questions:
1) Shouldn't this setup cause my DropBox files on the server to be encrypted? Apparently they are not because they appear as unencrypted text using the DropBox Web interface.
2) If they were encrypted on the server (which doesn't appear to be the case right now), how would it be possible to share them with another client unless the encryption on both clients were set up identically?
When I installed, I selected the option to encrypt my home folder. I believe this is causing constant crashes now, since error message is user id/password related. Is there a way to remove the encryption?
View 5 Replies View RelatedLet's begin from the top. I have a relatively new laptop that I've been running Ubuntu on (along with a little-used Windows boot). Picked it up in November or so, installed the current "latest" version of Ubuntu at the time (9.10). I have been doing incremental upgrades, and it's been progressively breaking down more and more. Yes, this includes 10.04.
After GRUB stopped working, I decided it was time to try a reinstall from the top. I told it to leave all the other operating systems alone and do a full reinstall.
Fortunately, I had managed to stuff most of my current work in duplicate locations during this whole debacle, somehow. Don't ask me how I managed to do that when GRUB wasn't working. However, when I installed, I conscientiously said "Oh, yes, Ubuntu, encrypt my home folder! I love privacy!" As a result, about... 30 gigabytes of useful (but ultimately re-downloadable) material is rather inaccessible at the moment. When I try to boot the old system using the newly fixed GRUB, it goes into kernel panic. This seems like a no-go.
I have a saved hojillion-character long passphrase for decryption from my install back in November. Conscientiously saved in the case of just such an emergency.
I read this how-to and followed it to the letter as far as I could tell, trying to mount with ecrytfs to recover my data.
[USERNAME] here is a proxy for my actual username. Yes, the location of my old home folder may seem a little bizarre.
Code:
sudo mount -t ecryptfs /media/c82ca9fe-2b15-4aca-a98d-6482b1d80a32/home/[USERNAME]/ /home/[USERNAME]/oldhome
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
[Code].....
I need to do a reinstall (read the details here): http://ubuntuforums.org/showthread.php?t=1703381 but I need to be able to access my home directory which is encrypted. Is there a way to decrypt my home folder, so that I don't get into trouble accessing it later on?
View 9 Replies View RelatedWhen installing the latest Distro of Mint (I believe this is not much different, if at all, from Ubuntu as far as this goes) I chose to have my Home folder encrypted using the login password. This was a function of the installation. What I was wondering about was how secure this was and if I should maybe use something to do a better encryption or not.
View 1 Replies View RelatedWhat are the steps I must take to move my existing home folder to a separate, encrypted partition? Can I create this partition without damaging my current partition? Where is a trusted location to download App Armor profiles? What else can I do to harden the security of Ubuntu?
View 1 Replies View Relatedlast week I decided to not just run dist-upgrade, but give the Lynx a completely fresh install. Before that I've only copied my home folder to an external hard-drive.
Now that I'm on Ubuntu 10.04 I have no clue how to import my old personal key and the passwords from the backup (my old home folder).
Lately, I've found 2-3 times an .exe file with a random name in my /home, and another data file with a random name as well. I'm a user of wine, but none of the programs that I use seems to be the cause. Last time it happened I sent it to virustotal.com, and this is the result: [URL].. So, this is clearly a virus. The two files show "nobody" in the proprietary field and "none" as group. What can I do to track down the cause? Also, telepathy-butterfly likes to hog 100% of CPU lately, and all I can do is killing it: is someone exploiting a vulnerability? if so, why the hell would he drop a win32 virus?
View 9 Replies View RelatedI would like to give a few students a preconfigured Ubuntu USB stick with certain apps. I also encrypted the home folder in case of loss.
With TrueCrypt, cloning an encrypted container would be a big no-no because any one could just backup their header with a known pw and use it to decrypt anyone else's container due to each container using the same master key. I assumes the same applies to home folder encryption, yes?
Is there a way, other than creating a new user with home folder encryption, of forcing a master key change?
while since I've been here. I'm having an issue with a fresh install of 11.04. Due to work requirements, I encrypted my home folder, which is fine, however, it seems to randomly lock itself down while I'm working, and it's getting really annoying.
Apps stop working, I can't open nautilus (something about not being able to create certain folders because home is locked), hell, even the terminal link on my desktop says failed to launch application (though the launcher on the top panel works). I just have to run ecryptfs-mount-private and enter my password to fix it, but it's doing this every 15 minutes or so. what might cause it to relock itself so frequently? I would expect to not have to deal with mounting my private data, that should happen at login and be good until log out.
Is there a way for my home folder to not be automatically mounted when i log in? And for that matter a way to change the password from my log in password to something else?
View 2 Replies View RelatedIf I wanted to transfer a home folder that was encrypted to another ubuntu computer could I? If I had a separate home partition that was encrypted, but I wanted to upgrade ubuntu to the latest version by doing a clean install is there an easy way so that I can still read the data encrypted with the old version?
View 5 Replies View RelatedI was wondering how to activate encryption on my home folder, like sugested when creating the first user? in 10.04Also, is it any good to use?It's a work computer with sometimes private documents (cv, docs, etc) and i would like to be sure no one can access it, even as root.
View 3 Replies View RelatedI logged in to Recover Mode ("Drop to root shell prompt") this morning to do something. Naturally, I wanted access to my encrypted home folder.
The README file says to run ecryptfs-mount-private. However, that command returns an error:
"ERROR: Encrypted private directory is not setup properly."
This cannot be correct, because if I log in normally, I get my home folder without any problem.
How can I access my encrypted home folder when I boot via Recover Mode?
After buying an IBM/Lenovo USB fingerprint reader model FP06 and installing Fingerprint GUI, have problems to mount my home folder encrypted with eCyptfs. I was using it since the first time i install Ubuntu 10.10 64 bits. After login from GDM, there are some ways to make it work:
1) open a terminal window and type ecryptfs-mount-private. This decrypt the home folder, but need to logout and login again to my personal preferences can be reached (bookmarks in nautilus, in firefox, etc). Each time the PC is rebooted, the same process is needed to made again.
2) before login in GDM, change to a tty1 terminal (ctrl-alt-F1) and login from here. The personal folder decrypt then without problems. Then change to GDM (ctrl-alt-F, login an everything works fine. What could be the fault from GDM to not mount the encrypted folder?
if it's possible to use a white or blacklist to control which folders are ecryptfs encrypted when you're using the "encrypted home folder" option.
Of course I can always create an extra folder outside of my ~ and then symlink what I don't want encrypted into it, but I'd rather that it's possible to create like, ~/.ecryptsfs/excludelist with a list of paths that shouldn't be encrypted.
Wondering if its possible to have a User's home folder that resides in a different partition (could be ntfs or ext). I don't mean mounting /home on a different partition. The home directory will still be available for adding more users but I'd like to have a specific User's folder away from /home
How can one achieve this?
Are the default firewall settings of F10 without any modification, sufficiently secure for general usage and to bridge the timeframe between a fresh installation of F10 and the time before the security updates are applied?imilar to how Windows firewall is set without any configuration, or do I need manually configure it to be somewhat secure, or something like Firestarter.
View 14 Replies View Relatedi installed fedora kde 32 bit and iam realy loving it. but i want to resize my home partition as i got a message there is no space in my home folder i downloaded a Disk utility application .... to try and resize .... but looks like i dont know what to do
View 3 Replies View RelatedIn my opinion there should be a tool installed in Ubuntu by default which lets the user easily encrypt his home folder. One is given the option in the installed, but if one decides to encrypt his folders afterwards that's quite hard to achieve.
View 8 Replies View Relatedwhy fedora 14 will not open my home folder. it will say opening across the task bar but will not open. none of my folders seem to want to open. . updates are done, and it says software is up to date.
View 7 Replies View RelatedI seem to be missing a secure.log or security.log file. I have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else. I'm looking for a file that logs any change to the security settings of the system.
View 1 Replies View RelatedWhen I try to view ~ in nautilus, the animation in the upper right corner just spins indefinitely. It happens when I run nautilus as root too.Typing "ls -la" in the home folder will cause the term to freeze. Neither "ls -a" or "ls -l" by themselves cause it to freeze The freezing only happens in ~ to my knowledge.The freezing terminal also ONLY happens in xterm, inside gnome. Through ssh I can display the folder contents just fine, and I don't see any strange file names that might be causing an issue.I tried following advice I found, I believe on this site, to "rm -rf ~/.gvfs"I feel that I may e overwritten a fedora-specific library somewhere when trying to compile different things. I don't recall this being an issue immediately after upgrading from fc10 to fc12, though it could have conceivably gone unnoticed.
View 1 Replies View RelatedIn my Fedora 12 nautilus don't show my home folder, but if i do a ls works fine, but ls -la crash.
View 4 Replies View RelatedDerived from http://forums.fedoraforum.org/showthread.php?t=254080
After installing Fedora next to Ubuntu with a common home-folder, I've had troubles with many different things. When I finally fixed grub2 so I could display all the OSs available, I tried to boot Ubuntu. Then I got three messages, one telling me .ICEauthority wasn't able to upgrade. I've now realized it was because my user in Ubuntu didn't own the home-folder. I typed "sudo chown -R jp:jp /home/jp/" in a shell, and it worked. But when I then logged into fedora, I got the same error messages, so I had to type "su -c chown -R jp:jp /home/jp". Apparently, jp in Fedora isn't the same user as jp in Ubuntu.
How do I make my home folder owned by both?