On Tue, Nov 04, 2008 at 05:30:24PM -0600, Matti Kariluoma wrote: > Hello everybody, I have a doozy here. > > The Readme has a perfectly acceptable way to mount at login time, but for > me the login files it requires will be encrypted while it tries to access > them, due to my entire user partition (/home/user) being encrypted. > > I am using the default options with a weak passphrase, for reasons already > debated and decided. I am trying to get the PAM method to work so that > when I login graphically my home partition is unencrypted before any files > in /home/user are attempted to be read. > > Any clue on which files in /etc/X11 or similar need to be modified? I will > be happy to switch my login manager to any required to achieve this.
Dustin Kirkland recently checked in changes to ecryptfs-utils to
facilitate eCryptfs-mounting your entire home directory:
---
commit 3ea43c26b93d82a96e70b34500447f8c99e8d85a
Author: Dustin Kirkland <[EMAIL PROTECTED]>
Date: Thu Nov 6 23:13:10 2008 +0100
mount.ecryptfs_private: support for encrypted home
This relatively minor patch is extremely significant...it allows
mount.ecryptfs_private (and consequently pam_ecryptfs) to be used to
mount a user's entire home directory as an ecryptfs mount.
The basic setup looks like this:
dr-x------: /home/kirkland
lrwxrwxrwx: /home/kirkland/.ecryptfs -> ../.kirkland/.ecryptfs/
drwxr-xr-x: /home/.kirkland
drwx------: /home/.kirkland/.ecryptfs
Where /home/.kirkland/.ecryptfs is cleartext, and mounted with cleartext
passthrough.
Then:
# mount -t ecryptfs -o
rw,ecryptfs_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d,ecryptfs_passthrough,user=kirkland
/home/.kirkland /home/kirkland
Signed-off-by: Dustin Kirkland <[EMAIL PROTECTED]>
---
pgpQsumaqOtjd.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ eCryptfs-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
