Okay, I finally have my head wrapped around this bug. So here's the deal...
To mount your home directory, you *must* provide your login passphrase at some point, because this passphrase is used "unwrap" your wrapped- passphrase file. This is what you're doing when you run "sudo". Sudo prompts you for your passphrase, which walks the pam stack and mounts your home directory. I'm going to update the title of this bug. What you're really asking for, is to have a second wrapped-passphrase file, perhaps called ~/.ecryptfs/wrapped-passphrase.ssh, which is wrapped with your ssh private key instead of your system login passphrase. I am going to need to study the implementation of pam_ssh and authorized_keys... Thanks for the report and research. :-Dustin -- Support a wrapped-passphrase.ssh, wrapped with an ssh private key https://bugs.launchpad.net/bugs/364015 You received this bug notification because you are a member of eCryptfs, which is subscribed to ecryptfs-utils in ubuntu. Status in eCryptfs - Enterprise Cryptographic Filesystem: Confirmed Status in “ecryptfs-utils” source package in Ubuntu: Incomplete Bug description: I had a problem with ssh public key auth and encrypted home directory in Jaunty. I fixed the issue by workaround provided by Dustin Kirkland: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/362427 But after reboot auto mount of encrypted home directory has stopped to work. There is only one error string in auth.log: Mount of private directory return code [256] At the same time I am able to mount home directory manually through ecryptfs-mount-private command. But /sbin/mount.ecryptfs_private shows me the following: keyctl_search: Required key not available Perhaps try the interactive 'ecryptfs-mount-private' ... looks like pam_ecryptfs is not able to read ~/.ecryptfs/wrapped-passphrase _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs More help : https://help.launchpad.net/ListHelp
