Dear fellow Manjarees,
I have the following Setup:
SSD 1: Manjaro (KDE)
SSD 2: Personal Data (encrypted with Veracrypt)
SSD 3: Windows 10
As you can see, I am using Linux and Windows, depending on the software I need to run. I need to access my files from both OS, so I chose to encrypt with Veracrypt - which is available for Linux and Windows.
The data drive must be encrypted, but I would like to keep the drives with Linux and Windows unencrypted, for better performance.
In Linux, I have created a small bash script to run some commands and start Veracrypt after login via autostart. Though this works, it is very uncomfortable, for I have to enter the following myriad of passwords:
1. My user password at login (KDE SSDM credentials)
2. root password (to start Veracrypt)
3. encryption password (for the data drive)
4. root password yet again! (to mount the encrypted drive)
This is safe, but also very annoying.
What I try to achieve is:
Computer starts, I enter my user password at login, after that, Veracrypt automatically encrypts and mounts the data drive.
Thoughts:
-
If I set the user password the same as the encryption password, it might be possible to cache the user credentials at login (?) and give them as variable to veracrypt, like so:
veracrypt --password="$cached-password" --mount /dev/sda5 /mnt/veracrypt1 -
Maybe another approach would be something like KDE Wallet? Is it possible to get a stored password via terminal?
-
Making veracrypt get sudo rights is the second problem. Setting an SUID does not work:
(Gtk-WARNING **: This process is currently running setuid or setgid. This is not a supported use of GTK+.)
So maybe something like visudo? I have no experience with it, unfortunately.
Any help or ideas are much appreciated. 