OnWorks Linux and Windows Online WorkStations

Logo

Free Hosting Online for WorkStations

< Previous | Contents | Next >

6.2. Automatically Mounting Encrypted Partitions


There are a couple of ways to automatically mount an ecryptfs encrypted filesystem at boot. This example will use a /root/.ecryptfsrc file containing mount options, along with a passphrase file residing on a USB key.


First, create /root/.ecryptfsrc containing:


key=passphrase:passphrase_passwd_file=/mnt/usb/passwd_file.txt ecryptfs_sig=5826dd62cf81c615

ecryptfs_cipher=aes ecryptfs_key_bytes=16 ecryptfs_passthrough=n ecryptfs_enable_filename_crypto=n


image

Adjust the ecryptfs_sig to the signature in /root/.ecryptfs/sig-cache.txt.


Next, create the /mnt/usb/passwd_file.txt passphrase file:


passphrase_passwd=[secrets]


Now add the necessary lines to /etc/fstab:


/dev/sdb1 /mnt/usb ext3 ro 0 0

/srv /srv ecryptfs defaults 0 0


Make sure the USB drive is mounted before the encrypted partition. Finally, reboot and the /srv should be mounted using eCryptfs.

Top OS Cloud Computing at OnWorks: