Home / ubuntu / Questions / 883253
Accepted
Sqerstet
Asked: 2017-02-15 04:34:44 +0800 CST

What is the correct way to keep home directory on USB stick?

  • 772

I'm trying to do something which seems obvious but nobody else seems to be doing. I want to keep my home directory on an encrypted USB drive, to be plugged and unplugged "on top of" a vanilla home directory on a vanilla Ubuntu installation.

It does work, sort of. My current workflow:

  1. At login screen, do ctrl+alt+f2 to new TTY. Log in as root (having set root password to allow this). Mount encryped volume at /home/me
  2. Back at TTY7, log in as me and work from correctly mounted home
  3. Log out to login screen, ctrl+alt+f2 back to terminal, log in as root and unmount /home/me

But at step 3, on trying to unmount my home directory I get Device busy, and doing an lsof reveals hundreds of processes using it. It seems this is because Ubuntu does not log you out when you "Log out" to the login screen. So instead I am just shutting down directly, not unmounting first. Seems not very clean.

NB: I have a hardware issue which makes my machine unusable if I modify the grub config to boot to a shell prompt. And anyway, that is supposedly not the Ubuntu way.

But there has to be a better way to do this. An idea?

boot

2 Answers

  1. Setup

    Initially, you can do this to mount and copy the home directory:
    mount drive: mount -o uid=user /dev/sdbx /temphomedir
    Copy files: mount --bind /temphomedir /home/user
    This assumes that /dev/sdbx is your USB drive and /home/user is your home directory.

    Note

    NOTE: make sure that your /home/user directory is empty before you mount the drive.

    Adding start up script

    According to this question you can use the command crontab -e to edit your cron, then you can add the following line @reboot /mount.sh. Now that we have done that we need to create the mount.sh script. You can do that by typing sudo nano /mount.sh. This will open the nano text editor. Then just past the following:

    #!/bin/bash
mount --bind /dev/sdbx /home/user

    What this will do is mount the USB to your home directory every time you boot your computer. Make sure /dev/sdbx and /home/user are correct, then type CTR+X to save and quit nano.
    when you reboot your computer this should work. Please keep in mind that I have not actually tested this, so it may not work.

    Hope this helps!

    • 1
  2. Best Answer

    There is now a systemd module called systemd-homed in the works to solve this very problem!

    In the meantime, here is the solution. In use every day without issue.

    First, copy the content of /home/you to the root of a LUKS-encrypted USB drive. Assuming no other USBs are present, lsblk will always show the drive as /dev/sda and the encrypted partition will be /dev/sda1.

    Next ensure that if the USB drive is plugged in, then the encrypted partition will be available as a virtual block device. A password prompt will appear at boot time. In /etc/crypttab:

    encryptedhome /dev/sda1 none luks,noauto

    Now, make this virtual device mount, if available. If it is not plugged in, there will be a short wait for the timeout but the boot will then proceed as normal. In /etc/fstab:

    /dev/mapper/encryptedhome /home/you ext4 defaults,nofail 0 2

    Your external home directory will be mounted on top of the existing vanilla one. Mounting things on top of existing directories like this simply makes the existing one unavailable for the duration of the mount. All data in it remains safe.

    • 0