Multiple Logins in Knoppix

I recently had an idea for non-server type computers. This would be implementable on Knoppix, but could be applied to any distribution.

Right now, "knoppix home=scan" will scan media for a knoppix.img file.


It would be cool if the system looked for all files called "home-*.img". For example, I might have a home-hal.img file which would be an encrypted filesystem containing the user hal's home directory.

Suppose it found two files: home-hal.img and home-dave.img. Then the login screen would show four user options: default, hal, dave, and new. Default would create a home directory in the ramdisk using the default settings, just like Knoppix does now.

If I chose hal, it would ask for a passphrase. If that passphrase works on the encrypted home directory, then it would add hal to /etc/passwd, mount the encrypted filesystem at /home/hal, and log me in.

The "new" option would create a new user and a new encrypted home directory on whatever media is chosen.
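A sketch of the scan step, as an added example that is not part of the original post. The user name is taken from a filename on removable media and would later be written to /etc/passwd and used as a mount point, so it is validated first. The function name `login_options`, the optional passwd-file argument and the name rule are assumptions.

```shell
#!/bin/sh
# Added example: build the login menu from home-*.img files on a medium.
# Names come from filenames on possibly untrusted media, so each one is
# checked before it could reach /etc/passwd or a path under /home.

# login_options DIR [PASSWD_FILE]   (hypothetical helper)
# Prints one menu entry per line: "default", accepted users, then "new".
# The body runs in a subshell so its variables do not leak to the caller.
login_options() (
    LC_ALL=C; export LC_ALL          # make [a-z] mean ASCII only
    dir=$1
    passwd=${2:-/etc/passwd}
    echo default
    for img in "$dir"/home-*.img; do
        # Skip the unexpanded glob, symlinks and non-regular files.
        [ -f "$img" ] && [ ! -L "$img" ] || continue
        user=${img##*/}              # strip directory
        user=${user#home-}           # strip prefix
        user=${user%.img}            # strip suffix
        # Assumed name rule: starts with a-z or _, then a-z 0-9 _ -,
        # at most 32 characters. Rejects spaces, dots, uppercase, "".
        case $user in
            ''|[!a-z_]*|*[!a-z0-9_-]*) continue ;;
        esac
        [ "${#user}" -le 32 ] || continue
        # "default" and "new" are menu entries, not image owners.
        case $user in
            default|new) continue ;;
        esac
        # Never shadow an existing account (root, knoppix, ...).
        if grep -q -- "^${user}:" "$passwd" 2>/dev/null; then
            continue
        fi
        echo "$user"
    done
    echo new
)
```

With home-hal.img, home-dave.img and a stray home-root.img on the medium, the menu lists only default, dave, hal and new.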


The advantages are:

  1. One is not limited to the "knoppix" user.
  2. There can be multiple home-directory images for multiple users on the same hard drive.
  3. This encourages use of encryption for security.
  4. It seems a more natural security model. In the old model of enforcing security, the kernel is expected to respect /etc/passwd and home-directory permissions. User A could always use a live-cd to read User B's private files, even if User B had set the permissions on those files to keep them private.

This idea needs work. But I think it has some promise.