My laptop isn’t under my supervision most of the time. And I’d hate it if someone were to steal my SSD, or whole laptop even, when I’m not around. Is there a way to encrypt everything, but still keep the device in sleep, and unclock it without much delay. It’s a very slow laptop. So decryption on login isn’t viable, takes too long. While booting up also takes forever, so it needs to be in a “safe” state when simply logged out. Maybe a way that’s decrypt-on-demand?

I’m on Arch with KDE.

    • thepiguy@lemmy.ml
      2·
      17 days ago

      Systemd has a good guide on how to use it https://systemd.io/HOME_DIRECTORY/

      And they also have a guide on migrating a traditional user home to this. Do remember to take backups if going this route https://systemd.io/CONVERTING_TO_HOMED/

      I personally used the arch wiki when I set it up https://wiki.archlinux.org/title/Systemd-homed

      There is not much config.

      I think the command I used for my laptop was:

      homectl create <name> --storage=luks --shell=/usr/bin/fish --member-of=wheel

      https://wiki.archlinux.org/title/Systemd-homed#Creation

      Gnome is working on a gui for this, but it will probably be a while until that is out. I feel like it is pretty safe to use the cli for this one.

      • UnRelatedBurner@sh.itjust.worksOP
        2·
        16 days ago

        Hehe, Thank you. But by the time I’m reading this I’ve already done it. Got stuck on a couple or roadblocks, but figured it out. I got scared when I didn’t “enable” the service just “start” it. I’m not safe(-ish enough). :D

        edit: well not the plasma fix. wiki said if it’s a problem I need to start something, and that something should be on by default. So I didn’t do anything, maybe that’s a problem

      • UnRelatedBurner@sh.itjust.worksOP
        2·
        16 days ago

        Okay I just had a bit of freetime to test it: doesn’t work… if I log out or sleep, my home dir is still mounted. Meaning it’s as good as nothing. Looked at the plasma fix, didn’t work. I have a pretty good lead, that I need the topmost template from some wiki:

        [Unit]
PartOf=graphical-session.target

        Problem is, where in the world should I write this? I really don’t expect you to know, but maybe I’m talking to a genius. The internet didn’t help, or I used it wrong.