mukesh agrawal

Some of the things I have worked on when distracted.

PAM integration w/encrypted home directory

With the 2.4 series of Linux kernels, there is support for encrypted filesystems via the loop block device driver. Specifically, the Loop-AES patch modifies the loop driver to implement the Advanced Encryption Standard algorithm. (This algorithm is also known as Rijndael.) Confidentiality of data is maintained by encrypting data before it is written to disk. The encryption key is specified when the filesystem is mounted.

Automatically mounting the filesystem at boot time would negate some of the confidentiality gained by having an encrypted filesystem. Hence it is desirable to mount such a filesystem only when the user whose data it contains needs it. My patch for the PAM mount module enables automatic mounting of encrypted filesystems at user login. It permits (but does not require) the use of different passwords for login and encryption.

Note: the Loop-AES patch is different from the International Crypto Patch. As of the last time I checked, the ICP was not compatible with 2.4 series kernels. My patches to PAM assume the use of Loop-AES, and not ICP. However, it should not be too difficult to support ICP instead. (Indeed, at one time I was using a 2.2 series kernel and ICP.)

Potential issues:

Download the patch for PAM to support encrypted home directories (now includes John Langford's updated patch for pam mount 0.3.2). Or, download the latest pam_mount, which includes support for encrypted home directores.

Hard Disk Spindown and Linux

Having a rather noisy drive in my computer, I have written some notes on how to keep your hard disk spun down when using Linux.

Random Notes

I've written some notes about various toys I've played with.

[Validate HTML] [Validate CSS]