Additional, encrypted partition mounted as /Users

Recently I removed DVD-ROM drive from my MacBook Pro and installed 60GB SSD for system (in regular HDD bay) and my old HDD instead of DVD drive.
My plan is to use fast SSD drive for system and the HDD for data.
I would like to have my HDD partition mounted as /Users so all users' home directories are stored on HDD.
I read this article: http://www.red-sweater.com/blog/1935/lions-whole-disk-encryption but it seams there is a problem with logging in if the user's home directory resides on separate encrypted partition.
My question is:
Is there any chance I can have "fully functional" /Users directory mounted as additional encrypted partition?
Thanks,
Mike

Hi Linc,
Thanks for your answer.
No, because the Users volume would already have to be unlocked and mounted before you could log in, and that's impossible.
I don't think it is impossible. I would reather say: "Apple makes it difficult to do".
I barely see any problem with mounting other partitions on the system level during boot.
The question is: "How hard is it to do that now?"
The second question is: "When (and how) Apple will make it easier?"
The best you could do would be to log in, mount the volume as root at /Users, then log out and log in again. I wouldn't recommend that you try this.
Yeah... I don't feel like log in two times. I wouldn't recommend it either.
I have another idea which is:
1. Mount addtitional encrypted partition as /Volumes/Whatever
2. Create directories like:
/Volumes/Whatever/Documents
/Volumes/Whatever/Pictures
/Volumes/Whatever/Music
/Volumes/Whatever/Library
3. Mount these directories in places under /Users/MyUser/... during login.
So there are other questions:
1. How to do it the "Mac way"?
2. There are maybe some directories which probably can not be mounted this way as its content can be necessary for login process to perform (probably some subdirectories of Library). Is it the case?
Cheers,
Mike

Similar Messages

  • How to mount encrypted partition

    I have Archlinux installed in dual boot with Ubuntu. My home partition on Ubuntu is encrypted with ecrypt. I would like to have this partition mounted on boot at Archlinux too. Does anyone can help me how to do that?
    Thanks a lot.

    https://wiki.archlinux.org/index.php/Sy … h_eCryptfs
    Please search the wiki before asking for help here.

  • OpenSUSE - Arch switch: encrypted partitions, keeping /home and other

    Hello,
    I am considering switching from openSUSE to Arch -- I want to gain performance, avoid releases and try something new -- but have some doubts/questions. I would appreciate if you could help me a bit with resolving them :)
    i. From what I see on the fora some of you are (ex) SUSE users so... will I miss anything?
    ii. Should I expect any problems in general?
       a) I am using nVidia proprietary drivers and, despite all downsides, would like to keep doing so. Are there any problems regarding installation or keeping them up to date?
       b) Is it possible to use s2ram and s2disk or obtain working counterpart(s), as, I hear, there are some problems with those?
       c) Is it possible to install software from debs and/or rpms? Possibly without extracting and moving files manually?
       d) Is it safe to assume that hardware and all applications not specific to any distribution will work just as well as they do on SUSE? I know, Linux is Linux but still.
    /edit:   e) Does getting fonts to be displayed properly takes a lot of tweaking? This problem does not exist on SUSE but on other distros it used to be a pain.
    iii. I have SUSE installed on encrypted partitions (with luks and /dev/mapper so it's pretty similar to setup recommended for Arch in that matter) and would like to avoid reencrypting as well as keep /home untouched. Is it possible and not too complicated?
    (I have seen http://wiki.archlinux.org/index.php/LUKS_Encrypted_Root, http://wiki.archlinux.org/index.php/Off … tall_Guide and http://wiki.archlinux.org/index.php/Ins … ing_Linux)
    Any additional information and comments are welcome.
    Last edited by skx (2009-02-16 15:36:33)

    quarkup wrote:ii)
    a) No problemo. I use nVidia drivers too for my 6800go, with no issues.
    Inxsible wrote:ii c) [....] I think there are packages in AUR, which can help you convert them to an Arch PKGBUILD and then install them.
    Thanks.
    bgc1954 wrote:i)
    Well, if you used suse for any length of time, you might miss the incredible slowness of yast as compared to pacman. :D
    YaST is not that slow anymore ;)
    What about the encryption part? That's the one that makes me anxious.
    Last edited by skx (2009-02-16 15:50:58)

  • Link to a file in encrypted partition

    Hi all,
    I have an encrypted partition with some files I use regularly.  If I mount the partition, I can make a shortcut to files by dragging them onto the dock.  If I click the icon on the dock, and the encrypted partion is not mounted, I get prompted for the password and the partion mounts and the file opens.
    I'd like to put several of these shortcuts in a single folder on my dock.  Just dragging and dropping does nothing.  Any thoughts?

    So I solved this by having an applescipt call a bash script.  Kind of a silly round-about way to do it, but it works.

  • Encrypted partition

    hi
    i have an encrypted partition use by suse
    is there a way to use it with arch linux?
    thanks

    Generally you would use the same method you (or suse) uses to mount and unlock the encrypted partition.
    If you use Luks for the encryption with dm_crypt you could simply run:
    cryptsetup luksOpen /dev/hdaX name_of_partition
    mount /dev/mapper/name_of_partition /partition_mountpoint
    To do all of this atomatically you would need to edit /mnt/etc/crypttab and enter the needed information.
    Here are two wiki entries concerning LUKS with Arch, they do not directly relate to what you need but you could use some pieces of it.
    LUKS Encrypted Root
    RAID Encryption LVM
    Most of the above is only valid when you're using LUKS I suppose. I also can't say anything about other methods because I never used them.

  • Partitioning the HD with the second partition as the Users directory

    Please help. Does anybody know how to do this, Boot drive is the first partition and the second partition is the Users directory. Please provide step by step instructions if possible. Thanks

    yes you can, but I would advise against doing so.
    The purpose is usually to use another disk drive to improve performance. Using a partition on the same drive just adds longer seeks from head movement instead.
    you can use FW but if the drive is not available, does not power on or mount, you can run into problem of creating a default account and messing up the /Volumes directory.
    In "Missing Manual" and elsewhere the easy way is to just open NetInfo Manager, click on Users tab, then your short-name. Authenticate and change the value for "home" from /Users/account-name to
    /Volumes/vol-name/Users/account-name
    Save, update, restart the netinfo database, logout and log back in.
    You are better off usually with two drives on separate buses, not on the same bus but different channels to improve I/O and to keep the boot drive free of media files etc to help performance and maintenance.
    You can also change /Users to another volume and use a symbolic link in its place. Changing Home Directory
    G4 MDD WD 320 OEM 9600 1.75GB SoftAID 3   Mac OS X (10.4.7)   Mac Pro "rev 2" (hopefully)

  • Hello. I have a problem with OEL 6.5 and ocfs2. When I mount ocfs2 with mount -a command all ocfs2 partitions mount and work, but when I reboot no ocfs2 partitions auto mount. No error messages in log. I use DAS FC and iSCSI FC.

    Hello.
    I have a problem with OEL 6.5 and ocfs2.
    When I mount ocfs2 with mount -a command all ocfs2 partitions mount and work, but when I reboot no ocfs2 partitions auto mount. No error messages in log. I use DAS FC and iSCSI FC.
    fstab:
    UUID=32130a0b-2e15-4067-9e65-62b7b3e53c72 /some/4 ocfs2 _netdev,defaults 0 0
    #UUID=af522894-c51e-45d6-bce8-c0206322d7ab /some/9 ocfs2 _netdev,defaults 0 0
    UUID=1126b3d2-09aa-4be0-8826-0b2a590ab995 /some/3 ocfs2 _netdev,defaults 0 0
    #UUID=9ea9113d-edcf-47ca-9c64-c0d4e18149c1 /some/8 ocfs2 _netdev,defaults 0 0
    UUID=a368f830-0808-4832-b294-d2d1bf909813 /some/5 ocfs2 _netdev,defaults 0 0
    UUID=ee816860-5a95-493c-8559-9d528e557a6d /some/6 ocfs2 _netdev,defaults 0 0
    UUID=3f87634f-7dbf-46ba-a84c-e8606b40acfe /some/7 ocfs2 _netdev,defaults 0 0
    UUID=5def16d7-1f58-4691-9d46-f3fa72b74890 /some/1 ocfs2 _netdev,defaults 0 0
    UUID=0e682b5a-8d75-40d1-8983-fa39dd5a0e54 /some/2 ocfs2 _netdev,defaults 0 0

    What is the output of:
    # chkconfig --list o2cb
    # chkconfig --list ocfs2
    # cat /etc/ocfs2/cluster.conf

  • "Lag" when Nautilus is opened with NTFS partition mounted

    Hi, I have a problem with Nautilus 3.14. I have a mounted shared Windows partition with the options below in fstab:
    defaults,nls=utf8,umask=000,uid=1000,gid=1000,windows_names,hide_dot_files,hide_hid_files
    Everytime I open Nautilus, it "lags" (I don't know what to call it. It freezes and then be usable again for an uncertain amount of time). Tried to unmount the ntfs partition and it worked flawlessly. Nautilus' shell output doesn't show anything strange (just some random GTK warning).
    This "lag" doesn't happen when I use Nemo. It runs well with the NTFS partition mounted.
    Is anyone knows the solution or has the same problem?

    solstice wrote:
    it began to make a few click noise when I was copying data to/from it.
    I can't believe it. It's a 2 week old harddrive. a western digital suposed to be good quality.
    Have I broken it or what ?
    I have made a badblocks scan before trying to use it and found no problem. I'll try again but I fear loosing data any moment now :-(((
    Western Digital is great but every manufacturer ships out defective drives now and again. Run a hard test with Sea Tools or the WD equivalent and if anything comes up, call them immediately. Your drive is still under warranty if it's brand new so they should replace it for free.

  • Gummiboot and encrypted / partition

    Hi,
    This is my first experience with Arch, with GPT, with LUKS, and with gummiboot, so I have a lot of sources of ignorance. 
    I am trying to set up a LUKS-encrypted system with encrypted swap.  I have followed the beginner's guide and the dm-crypt with LUKS guide pretty carefully and have no problem creating the encrypted partitions.  However, I don't quite understand how to construct the gummiboot entry for booting into the system. 
    the gummiboot wiki page has some instructions:
    An example entry for encrypted root (dm-crypt with LUKS)
    $esp/loader/entries/arch-encrypted.conf
    title          Arch Linux (Encrypted)
    linux          \\path\\to\\vmlinuz-linux
    options        initrd=\\path\\to\\initramfs-linux.img cryptdevice=UUID=<UUID>:luks-<UUID> root=UUID=<luks-UUID> rw
    In the encrypted example, not that the initrd is in options -- this does not appear to be discretionary at this time. Note that UUID is used for in this example. PARTUUID should be able to replace the UUID, if so desired.
    much of this is foreign to me.  In particular, how do I identify the various UUID's:
    cryptdevice=UUID=<UUID>:luks-<UUID> root=UUID=<luks-UUID>
    are those all the same UUID?  Or is there a difference between the plain  UUID and the luks-UUID?  And how do I get either of those pieces of information? 
    also, I am trying to speed things up a little by using this install script from the web:
    https://github.com/altercation/archston … chstone.sh
    however, a bunch of stuff there seems like it's out of date (lots of referenes to rc.conf, for instance!). 
    I'm wondering if there are other inconsistenies as well I should be careful of. 
    Thanks,
    Matt

    yes, this random script was a bad idea and I've stopped using it.  That said, I really don't understand the UUID stuff in my initial question, despite having gone through the beginner's guide & stuff.  In fact, the whole gummiboot stanza is odd to me: 
    An example entry for encrypted root (dm-crypt with LUKS)
    $esp/loader/entries/arch-encrypted.conf
    title          Arch Linux (Encrypted)
    linux          \\path\\to\\vmlinuz-linux
    options        initrd=\\path\\to\\initramfs-linux.img cryptdevice=UUID=<UUID>:luks-<UUID> root=UUID=<luks-UUID> rw
    what is with the escaped windows-looking  backslashes -- shouldn't this read more like:
    title          Arch Linux (Encrypted)
    linux          /vmlinuz-linux
    options        initrd=/initramfs-linux.img cryptdevice=UUID=<UUID>:luks-<UUID> root=UUID=<luks-UUID> rw
    ... and is there a way to find the relevant UUID's somewhere?  Thanks,
    Matt

  • Mount -o users doesn't work as intended, why not?

    I'm trying to modify some of the udev rules in the Arch wiki to work better for my setup. So I have this as /etc/udev/rules.d/11-media-by-label-auto-mount.rules:
    BUS!=usb, KERNEL!="sd[a-z]*", GOTO="media_by_label_auto_mount_end"
    # Import FS infos
    IMPORT{program}="/sbin/blkid -o udev -p %N"
    # Get a label if present, otherwise specify one
    ENV{ID_FS_LABEL}!="", ENV{dir_name}="%E{ID_FS_LABEL}"
    ENV{ID_FS_LABEL}=="", ENV{dir_name}="usbhd-%k"
    # Global mount options
    ACTION=="add", ENV{mount_options}="noatime,users"
    # Filesystem-specific mount options
    ACTION=="add", ENV{ID_FS_TYPE}=="vfat|ntfs", ENV{mount_options}="$env{mount_options},utf8,gid=100,umask=002"
    # Mount the device
    ACTION=="add", RUN+="/bin/mkdir -p /media/%E{dir_name}", RUN+="/bin/mount -o $env{mount_options} /dev/%k /media/%E{dir_name}"
    # Clean up after removal
    ACTION=="remove", ENV{dir_name}!="", RUN+="/bin/umount -l /media/%E{dir_name}", RUN+="/bin/rmdir /media/%E{dir_name}"
    # Exit
    LABEL="media_by_label_auto_mount_end"
    And it mounts usb sticks just fine. Problem is, I still get a permission denied error when trying to unmount them, despite using the "users" mount option, which is supposed to let *any* user unmount the device.
    So I tried mounting the stick manually with the users option...
    # mount -o users /dev/sdb /mnt
    And still got the error on trying to unmount it:
    $ umount /dev/sdb
    umount: /dev/sdb is not in the fstab (and you are not root)
    So it looks like the users option is not working the way the fstab man page says it should. What am I doing wrong here?
    Edit: the users mount option works fine for CDs. Is there a way to make it work for USB sticks, or am I just stuck?
    Last edited by Gullible Jones (2011-01-07 23:37:01)

    Thanks... Kind of strange, that. Is there a way to use pmount and give unmount permissions for all users, so that I don't have to do the silly mount-as-a-specific-user thing?
    Edit: Oh N/M, just unmounting with pumount works great. Thanks!
    Last edited by Gullible Jones (2011-01-08 00:24:58)

  • Additional runtime license fees per user in order to use the Java connector

    Hi All,
    I have one question.
    Do we require to pay additional runtime license fees per user in order to use the Java connector (Jco) supplied by SAP?
    We're currently not using the Jco but are looking into the possibility of using it.
    Thank in Advance.

    Hi All,
    Please answer my question
    We need to use Jco to connect to our 4.6C SAP production system. We do not have Portal or any other components. It's just a plain 4.6C system, service pack level is 23.
    We are currently paying license fees for using the system on a per user basis.
    Thank You.

  • What is the encryption method for the user's password?

    hi all,
    who knows what is the encryption method for the user's password?
    the password is 803004, and i get the encrypted string "D7EDED84BC624A917F5B462A4DCA05CDCE256EEEEEDC97D59A57930E06CF9781E022CC8E430FF04E"
    thanks,
    dan

    There is no default password for a guest user unless you've created one:
    (screenshot from the System Pref Guest User Pane)

  • How can I deploy EFS using Group Policy and automatically encrypt computers for ALL users who login?

    How can I deploy EFS using Group Policy and Active Directory with a goal to automatically encrypt computers for ALL users who login? (NOT an option for me to use BitLocker)
    I was asked to deploy EFS to encrypt the user my documents folder and profile on all of the users laptops. The laptops are in common areas (board meeting rooms, etc) and security of files is a must.
    I successfully created a recovery certificate in AD. I created an OU and setup an EFS policy and users can now login and select to encrypt their own files. The issue is that management would like to have automaticy Encrypt ALL users my documents AUTOMATICALLY
    when a user login.
    Can this be done?
    Please help

    Hi,
    Any update?
    Just checking in to see if the suggestions were helpful. Please let us know if you would like further assistance.
    Best Regards,
    Andy Qi
    TechNet Subscriber Support
    If you are
    TechNet Subscription user and have any feedback on our support quality, please send your feedback
    here.
    Andy Qi
    TechNet Community Support

  • [Solved]Mount windows encrypted partition

    Hi,
    I have encrypted the Windows 7 system partition fully using truecrypt. In Linux when i try to mount that partition [/dev/sda1] it says "incorrect password of not a truecrypt partition". I am entering the same password which I use while booting into Windows, that is pre-boot password.:/
    Last edited by sHyLoCk (2010-06-15 14:12:53)

    Do you use the same truecrypt version on windows and linux? also to be able to mount encrypted systems you have to activate a separate checkbox telling that the partition is using system encryption in truecrypts mount dialog (don't know where exactly it is since I didn't use truecrypt in a while), otherwise it will show the error you mentioned.

  • [SOLVED] mounting a plain dm-crypt encrypted partition

    After I botched an upgrade today, I'd like to save some stuff from an encrypted /home partition and start over.  I'm trying to mount the partition from a LiveCD and can't figure out what I'm doing wrong.
    [root@archiso ~]# cryptsetup create home /dev/sda3
    Enter passphrase:
    [root@archiso ~]# mount /dev/mapper/home /media/home
    [ 215.550259] SQUASHFS error: Can't find a SQUASHFS superblock on dm-3
    [ 215.566713] EXT4-fs (dm-3): unable to read superblock
    [ 215.580030] EXT2-fs (dm-3): error: unable to read superblock
    I don't think there's anything wrong with the partition, it was working fine earlier today, and from what I've read I think I'm trying to unlock and mount it correctly.  The only similar post I could find was this, but couldn't find any older install media to test with aside from dead torrents and I'm not sure what version of dm-crypt was used to create the partition.
    Last edited by bnjw (2011-12-29 10:26:11)

    It's ext3, and I think I did use LUKS after all.  It looks like I just had the wrong drive name, after running blkid /dev/sda3 wasn't even listed, but /dev/sda9 matched it in capacity.  Using that instead I was able to cryptsetup luksOpen /dev/sda9 home and mount /dev/mapper/home /media/home worked fine afterward.  I have no idea what I was doing when I made this setup, but I'll pay attention when doing it this time (and not wait 6 months to -Syu and break everything).
    Thanks to both of you for the help.

Maybe you are looking for

  • R/3 Tables

    Hi, How can i see the R/3 tables from BW data source, whether it is standard or generic extractor. Regards Rajini

  • Creating optional elements using SQL / XML functions

    Hi, I am struggling with some SQL / XML functionality in order to create some optional elements in a XMLType. I have one table with data to be generated into an XML document. The table looks like this (only the attributes related to the problem are s

  • Mail : i lost ISO-8859-1 encodage and other....

    I can't select ISO-8859-1 because i lost in the menu this encodage. I have • 4 occidental (ISO latin 1 - windos Latin 1 - Mac OS roman - mac mail) • 6japness • 8 chiness • 3 coreen and • UTF 8 Only I lost all other encodage.... !!! All my computer is

  • Form with Upload Facility

    Hi there. I'm looking at implementing an online form on a website, that has the abilility for the user to attach a file (will most likely be a word document or a pdf). I have made forms before, but never with uploads. If possible, it will email the a

  • Hi check  this code........

    int k = ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS; int i = ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED; JScrollPane jsp1 = new JScrollPane(table1,k,i); JPanel ja = new JPanel(); JCheckBox c1 = new JCheckBox(); JCheckBox c2 = new JCheckBox(