Announcement

**starshipeleven** · 30 January 2020, 09:20 AM

my body is ready

**Britoid** · 30 January 2020, 09:31 AM

I'm actually really looking forward to this, the on-demand home-directory encryption sounds super promising, and it even goes better by trimming the free space from the home directory image so it's effectively thin-provisioned. Roaming profiles should also be easier.

I do think it should of just been called "homed" rather than "systemd-homed" though.

**ndegruchy** · 30 January 2020, 09:37 AM

Originally posted by Britoid View Post

I'm actually really looking forward to this, the on-demand home-directory encryption sounds super promising, and it even goes better by trimming the free space from the home directory image so it's effectively thin-provisioned. Roaming profiles should also be easier.

--SNIP--

Agreed. I imagine for most users, this will be a transparent change. The advantages will bring some really great features to distros.

**Britoid** · 30 January 2020, 09:40 AM

Originally posted by ndegruchy View Post

Agreed. I imagine for most users, this will be a transparent change. The advantages will bring some really great features to distros.

For sure, I've always thought encryption is too much hassle under Linux for non-technical users, which isn't right because non-technical users need that privacy too, this could go some way of solving that.

**skeevy420** · 30 January 2020, 10:02 AM

Originally posted by Britoid View Post

For sure, I've always thought encryption is too much hassle under Linux for non-technical users, which isn't right because non-technical users need that privacy too, this could go some way of solving that.

Definitely. I imagine uninformed people looking at a man page and going Serpents and AES and Blowfish, oh my.

**Britoid** · 30 January 2020, 10:05 AM

Originally posted by skeevy420 View Post

Definitely. I imagine uninformed people looking at a man page and going Serpents and AES and Blowfish, oh my.

It's not that, it's that changing the rootfs encryption password isn't something that's easily accessible without popping into the terminal and it's not easy to disable and enable encryption on-demand.

rootfs encryption is also a bit of a pain in shared environments. If you want to let someone use your computer, they'll have to ask you to unlock each time you turn it on.

**skeevy420** · 30 January 2020, 10:12 AM

Originally posted by Britoid View Post

It's not that, it's that changing the rootfs encryption password isn't something that's easily accessible without popping into the terminal and it's not easy to disable and enable encryption on-demand.

rootfs encryption is also a bit of a pain in shared environments. If you want to let someone use your computer, they'll have to ask you to unlock each time you turn it on.

Unless you adopt a strategy of using USB drives with keyfiles on them to unlock encrypted volumes.

Does anyone know if this will be able to leverage ZFS encryption?

**gens** · 30 January 2020, 10:23 AM

A design document should start with a description of the problem being solved.
This is just as useful as most of the other stuff from them.

**ms178** · 30 January 2020, 10:45 AM

Great that people don't shy away from re-thinking fundamentals to make the life easier and safer today.

Announcement

Systemd-Homed Merged As A Fundamental Change To Linux Home Directories

Systemd-Homed Merged As A Fundamental Change To Linux Home Directories

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment