Did you change your password from your account or using the root account?
It looks like pam actually stores encryption keys in /var/lib/ somewhere
and can re-cipher them. That only works if you enter the previous
password when changing passwords, though (which I hadn't considered,
since normally when you init=/bin/bash you drop straight to root...)

On 09/02/2012 09:37 AM, Damian Ivanov wrote:
Hi John,
I appreciate your fast answer!
So what can I do to prevent this default behaviour? E.g. if the password
gets changed, the data is unreadable unless you have the secret key?
Wouldn't this be a more reasonable default?
Best regards,
Damian

2012/9/2 John Moser <john.r.mo...@gmail.com>:
Yes that would indicate that there's a key stored somewhere that doesn't
need a known secret, unless pam is storing a key and re-crypting it when you
change passwords (unlikely).

On 09/02/2012 09:16 AM, Damian Ivanov wrote:
Hi folks,
I just did an Ubuntu 12.04 fresh install and I wanted to test
something in ecryptfs. So basically I selected during install to
require password to login and to encrypt home folder. I logged in and
created secret.txt on my desktop and shut down. I booted up again but
in the bootloader I appended init=/bin/bash, booted into the root shell,
did a mount -o remount,rw / and passwd $my_user, set a new password and
rebooted. After reboot I logged into $my_user account with the new
password. secret.txt is readable and all other files too. Is this the
expected behaviour?! If yes, isn't it better to change the behaviour to
something more secure...
Regards,
Damian
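
The re-wrapping behaviour discussed in this thread, modelled as an added example (not part of the original messages, and not eCryptfs or PAM code): a key stored only in password-wrapped form survives a password change made with the old password, but not a reset from a root shell. The PBKDF2, XOR and HMAC construction, the function names and the sample passwords are assumptions chosen for a self-contained illustration, not eCryptfs's on-disk format.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    # Stretch the login password into a 32-byte pad and a 32-byte MAC key.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]

def wrap(mount_key: bytes, password: str) -> bytes:
    """Return salt || ciphertext || tag protecting a 32-byte mount key."""
    if len(mount_key) != 32:
        raise ValueError("toy scheme wraps exactly 32 bytes")
    salt = os.urandom(16)  # fresh salt per wrap, so the pad is never reused
    pad, mac_key = _keys(password, salt)
    ct = bytes(a ^ b for a, b in zip(mount_key, pad))
    return salt + ct + hmac.new(mac_key, salt + ct, hashlib.sha256).digest()

def unwrap(blob: bytes, password: str) -> bytes:
    salt, ct, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _keys(password, salt)
    expect = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("password does not unwrap this key")
    return bytes(a ^ b for a, b in zip(ct, pad))

def change_password(blob: bytes, old: str, new: str) -> bytes:
    # Normal password change: the old password is supplied, so re-wrapping works.
    return wrap(unwrap(blob, old), new)

def can_read_home(blob: bytes, mount_key: bytes, login_password: str) -> bool:
    # At login only the current password is available to unwrap the key.
    try:
        return hmac.compare_digest(unwrap(blob, login_password), mount_key)
    except ValueError:
        return False

def demo() -> dict:
    mount_key = os.urandom(32)          # constructed sample key
    blob = wrap(mount_key, "old-pass")  # constructed sample passwords
    rewrapped = change_password(blob, "old-pass", "new-pass")
    return {
        "user_changed_password": can_read_home(rewrapped, mount_key, "new-pass"),
        # Reset from a root shell: login password replaced, blob left untouched.
        "root_reset_new_password": can_read_home(blob, mount_key, "new-pass"),
        "root_reset_old_password": can_read_home(blob, mount_key, "old-pass"),
    }

if __name__ == "__main__":
    print(demo())
```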