0
System: Ubuntu 16.04 LTS amd64 "bento" vagrant box with VirtualBox 5.
Steps:
root@vagrant:~# adduser --encrypt-home citizenfour
root@vagrant:~# ssh citizenfour@localhost
citizenfour@vagrant:~$ echo "abcdefg" > secret.txt
citizenfour@vagrant:~$ chmod 0600 secret.txt
citizenfour@vagrant:~$ exit
root@vagrant:~# cat ~citizenfour/secret.txt
# abcdefg
Question: Why can root
still read citizenfour
's secret even though we set up encryption for citizenfour
's home folder? I.e. why was secret.txt
not encrypted on logout?
Okay, that works, but seems a little awkward, as most users on a server do not have the right to reboot it. Can you explain what triggers the re-encryption of the home directory and why it does not happen directly after logging off? – H.-G. Buttentee – 2016-11-10T14:28:46.697
Extended discussion: https://bbs.archlinux.org/viewtopic.php?id=98227
– H.-G. Buttentee – 2016-11-10T16:55:38.227