First things first, I'm actually using KDE Neon, but I figure this question applies equally to any *buntu distro and it's more likely to be seen in this forum. Admins, feel free to move the thread if you think it's inappropriate.
I have 2 users on my system, a "personal" and a "work" account, both with admin privileges.
I've just finished encrypting the home directory of my "work" user, with ecryptfs-migrate-home.
I want to encrypt swap as well for better security, but I have a concern: If I encrypt the swap, will my "personal" user be unable to access swap unless "work" has already decrypted it by logging in?
As far as I'm aware, the same swap partition is shared between both users. I read that all users can access encrypted data once it's been decrypted by the owner logging in, but I don't want to have to log in to "work" first every time because most of the time I only want to login to "personal".
Also, is there any reason why I can't also encrypt the home directory of my "personal" user? Would a good solution be to encrypt swap from my "personal" account, since I'll always be logged into that before logging into "work"?
I hope all this makes sense.
					I have 2 users on my system, a "personal" and a "work" account, both with admin privileges.
I've just finished encrypting the home directory of my "work" user, with ecryptfs-migrate-home.
I want to encrypt swap as well for better security, but I have a concern: If I encrypt the swap, will my "personal" user be unable to access swap unless "work" has already decrypted it by logging in?
As far as I'm aware, the same swap partition is shared between both users. I read that all users can access encrypted data once it's been decrypted by the owner logging in, but I don't want to have to log in to "work" first every time because most of the time I only want to login to "personal".
Also, is there any reason why I can't also encrypt the home directory of my "personal" user? Would a good solution be to encrypt swap from my "personal" account, since I'll always be logged into that before logging into "work"?
I hope all this makes sense.






Comment