systemd 247 includes interesting features like creating LUKS encrypted home dirs and an option to ignore the hw RNG input. These are worth looking at for both Whonix and the baremetal equivalent.
Interesting. But noting actionable yet.
systemd-homed seems cool.
But no compelling argument yet. Debian might go for it or it might stay as is.
Whonix current implementation using
pam_mkhomedir is very stable.
LUKS encrypted home dir isn’t crucially important as https://www.whonix.org/wiki/Full_Disk_Encryption covers that anyhow.
People who just want to outsource their home folder to use it on USB to then use it on different systems, well, I don’t think that’s a realistic use case. In that case, users would be better off installing their whole operating system on USB as per https://www.whonix.org/wiki/Whonix_on_USB.
- Setting the SYSTEMD_RDRAND=0 environment variable will now disable RdRand CPU instruction usage even with supported CPUs.
Won’t be needed since we have: