I have been using for years the system where: - one account - one HOME directory defined - one /home/my-account is fake directory (not fake, but not real one) - there are other fake accounts - /dev/mapper/my-account is encrypted partition - thus anybody can start the computer and use his/her account - I can also access computer through SSH if computer does not prompt me for password - I can use my fake account for browsing for example - I can mount as root or other user with root privileges my encrypted partition
Then if I am in country where encryption is disabled or for other legal reasons, I can just say that I do not know nothing as I use only my account, not other accounts. Now I have on Dragonfly BSD prompt asking me to decrypt partition. That is not convenient for me. It would be best to retain the /etc/crypttab and just disable decryption at boot. Normally I do not even keep crypttab and I use SD card from which I launch script to decrypt it. In my opinion I should disable /etc/rc.d/cryptdisks at boot by changing /etc/rc.conf to have this line: cryptdisks_enable="NO" I have tried that, and is not working, so I am prompted for password. What is best or standard way to disable decryption at boot? -- Jean Louis
