https://bugs.kde.org/show_bug.cgi?id=488104
Bug ID: 488104
Summary: support systemd-homed's "forget keys on suspend"
Classification: Plasma
Product: plasmashell
Version: master
Platform: unspecified
OS: Linux
Status: REPORTED
Severity: wishlist
Priority: NOR
Component: Session Management
Assignee: plasma-b...@kde.org
Reporter: kdeb...@hirebzs.mozmail.com
CC: natalie_clar...@yahoo.de
Target Milestone: 1.0
SUMMARY
As a user I would like to improve the security posture of my KDE-installed
system. One way to achieve this is to use systemd-homed to fully encrypt my
home directory, and have it automatically locked with the keys purged from
memory when the system suspends, by using systemd-homed's "[forget keys on
suspend](https://www.freedesktop.org/software/systemd/man/latest/pam_systemd_home.html)"
feature. GDM is already
[working](https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/251) on
supporting this, would love to see it in SDDM/KDE as well.
STEPS TO REPRODUCE
1. user creates encrypted home directory using systemd-homed and enables
relevant setting in pam_systemd_homed
2. user suspends active session
3. user resumes session from suspended state
EXPECTED RESULT
user's home directory locked and keys purged from memory; user be asked to
authenticate again to unlock home directory
ADDITIONAL INFORMATION
looks like there is some upstream work pending [this
PR](https://github.com/systemd/systemd/pull/31796) targeting systemd v256 but
the DM & shell bits should be ready for work
--
You are receiving this mail because:
You are watching all bug changes.
