Re: [Ecryptfs-users] Mounting a user's home directory after login

Sun, 16 Nov 2008 08:52:15 -0800 

On Tue, Nov 04, 2008 at 05:30:24PM -0600, Matti Kariluoma wrote:
> Hello everybody, I have a doozy here.
> 
> The Readme has a perfectly acceptable way to mount at login time, but for
> me the login files it requires will be encrypted while it tries to access
> them, due to my entire user partition (/home/user) being encrypted.
> 
> I am using the default options with a weak passphrase, for reasons already
> debated and decided. I am trying to get the PAM method to work so that
> when I login graphically my home partition is unencrypted before any files
> in /home/user are attempted to be read.
> 
> Any clue on which files in /etc/X11 or similar need to be modified? I will
> be happy to switch my login manager to any required to achieve this.

Dustin Kirkland recently checked in changes to ecryptfs-utils to
facilitate eCryptfs-mounting your entire home directory:

---
commit 3ea43c26b93d82a96e70b34500447f8c99e8d85a
Author: Dustin Kirkland <[EMAIL PROTECTED]>
Date:   Thu Nov 6 23:13:10 2008 +0100

    mount.ecryptfs_private: support for encrypted home
    
    This relatively minor patch is extremely significant...it allows
    mount.ecryptfs_private (and consequently pam_ecryptfs) to be used to
    mount a user's entire home directory as an ecryptfs mount.
    
    The basic setup looks like this:
    
    dr-x------: /home/kirkland
    lrwxrwxrwx: /home/kirkland/.ecryptfs -> ../.kirkland/.ecryptfs/
    drwxr-xr-x: /home/.kirkland
    drwx------: /home/.kirkland/.ecryptfs
    
    Where /home/.kirkland/.ecryptfs is cleartext, and mounted with cleartext
    passthrough.
    
    Then:
     # mount -t ecryptfs -o
    
rw,ecryptfs_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d,ecryptfs_passthrough,user=kirkland
 /home/.kirkland /home/kirkland
    
    Signed-off-by: Dustin Kirkland <[EMAIL PROTECTED]>
---

Attachment: pgpQsumaqOtjd.pgp
Description: PGP signature

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
eCryptfs-users mailing list
eCryptfs-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ecryptfs-users

Reply via email to