Could someone advise me on how to do a ecrypt mount at boot time. The filesystem is encrypted with a pcr based key generated with ecryptfs-generate-tpm-key. I have the uuid and I am able to mount the filesystem interactively.
I use some instructions in one of the README files to derive a fstab entry from mtab /secret /secret/ecryptfs user,noauto,rw,exec,ecryptfs_sig=aabbccddeeffgghh,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough, 0 0 Do I need to use the uuid provided by ecryptfs-generate-tpm-key somewhere or it is it referenced by the ecryptfs_sig? When I try to mount with mount -i /secret or mount -i /secret -o key=TPM:uuid=12121212121212112121221 it mounts, but the files remain encrypted If I unmount then remount interactively specifying tcpi for the key stype and providing the uuid and other options it is ok, then umounting it and remounting with mount -i /secret then it works until reboot. This would seem to indicate that i am not supplying the key correctly initially and after it has been properly provided in an interactive mount the credentials remain on the session keyring for subsequent mounts. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
