I'm using Debian + sddm + KDE with ONLY home directory encrypted with gocryptfs.
Decrypting is performed with gocryptfs as follows:
- PC boots as usual and starts the sddm service
- I enter my login credentials (which are equal to my encryption password)
- pam_mount decrypts and mounts my user's directory, and performs the login. I know, my password is hashed and salted, so it cannot be restored without rather much effort.
My questions are:
- In case of physical access by an attacker, how does a hashed and salted, but unencrypted, password affect the security of the user's directory data?
- How much easier is it to brute-force the password for the encrypted data?
- Are there any new attack vectors, since that password can be found in the /etc/shadow file?