5,337
edits
Line 571: | Line 571: | ||
** E.g. Move all startup scripts in your <code>~/bin</code> to <code>/usr/bin</code> | ** E.g. Move all startup scripts in your <code>~/bin</code> to <code>/usr/bin</code> | ||
* <code>ssh</code> will not work until home has been decrypted since the authorized keys are in <code>~/.ssh/authorized_keys</code> | * <code>ssh</code> will not work until home has been decrypted since the authorized keys are in <code>~/.ssh/authorized_keys</code> | ||
{{hidden | SSH Workaround | | |||
Getting SSH to work with an encrypted home dir is a giant pain. | |||
Also things like tmux still won't work. | |||
Overall I do not recommend doing this on a server. | |||
# Move ssh keys elsewhere such as <code>/etc/ssh/authorized_keys/<user></code>. | |||
#* Add <code>/etc/ssh/authorized_keys/%u</code> to the <code>AuthorizedKeysFile</code> line in <code>/etc/ssh/sshd_config</code>. | |||
# Create a sudo user with and unencrypted home directory. | |||
# After every restart, ssh into the unencrypted sudo user and decrypt your home directory: | |||
#:<code>sudo fscrypt unlock /home/david --user=david</code> | |||
# Then ssh into your account. | |||
}} |