Mount ecryptfs folders at login with ecryptfs-utils

Here is where you can post tips and tricks to share with other users of MX. Do not ask for help in this Forum.
Forum rules
Post Reply
Message
Author
Vincent17
Posts: 75
Joined: Tue Feb 20, 2018 1:07 am

Mount ecryptfs folders at login with ecryptfs-utils

#1 Post by Vincent17 »

I recently encrypted my home directory using ecryptfs-migrate-home from ecryptfs-utils package. On another partition, I have a folder that I would like to encrypt and also automount at login, but I don't want to move it into home. Unfortunately, according to archwiki, with ecryptfs-utils each user can have only one encrypted directory (.Private) managed by these tools.

It turns out there is an easy way to mount other ecryptfs folders at login by borrowing the signatures from the .Private folder. I hope this is useful to someone.

Code: Select all

$ mkdir /path/secret
$ cd /home/.ecryptfs/myuser/.ecryptfs
$ ln -s Private.sig secret.sig
$ echo "/path/secret /path/secret ecryptfs" > secret.conf
$ /sbin/mount.ecryptfs_private secret 
# populate the folder
# add "/sbin/mount.ecryptfs_private secret" to Session and Startup/autostart
.Private is automatically unmounted at user logout, but this folder is not. If you need it to be, edit /usr/local/bin/xfce4-session and add

Code: Select all

grep "/path/secret" /proc/mounts && gksu umount /path/secret
just before #logout sound, line 57 or so (thanks, davemx). Of course the folder gets unmounted anyway at poweroff or halt.

-------------------
I was not able to get automount to work with pam_mount after a million DDG searches and tweaks. The instructions in the pam module section of /usr/share/doc/ecryptfs-utils/README also did not result in automount. Encfs + pam_encfs worked perfectly, but in a misguided preference for economy, I wanted to use ecryptfs. :rolleyes:
Top
Post Reply

Return to “Tips & Tricks by users”