I am new to sys-admin work.
My objective is to setup a couple of computers with Ubuntu 16.04 which satisfy two objectives:
- home folders encrypted
- central authentication management
Currently I am encrypting all home-folders with ecryptfs-utils. But I am new to central authentication like freeipa. I know that changing the user passwords on a machine with encrypted home folder requires to re-encrypt the encryption key for the user (thus using the old password the decrypt the disk encryption key in between). It is not obvious for me how this could be done with a central authentication management system. It might be that a machine is offline while the user password in the central authentication management system is changed.
Is there a way to setup both?
