My ~/private Eee folder

Leave a Comment Posted by on August 21, 2008

Inspired by the Ubuntu project Encrypted Private Directory I decided to set something similar up on my Eee PC. Being a regular FUSE user I based my solution on EncFs and pam-encfs.

First of all we create our folders. These commands should be run as your normal user. The password you give EncFs has to be the same as the one you use to login.

$ mkdir /home/U/.private /home/U/private
$ chmod 700 /home/U/.private /home/U/private
$ encfs /home/U/.private /home/U/private

$ fusermount -u /home/U/private

(By the way, I’m assuming that the user is part of the fuse group, or has proper permissions to /dev/fuse by some other means.)

With your folders in order it’s time to instruct PAM on how to automaticly mount your private folder at login time. My /etc/pam.d/common-auth  and /etc/security/pam_encfs.conf looks like this.

auth    sufficient    pam_encfs.so
auth    required    pam_unix.so nullok_secure use_first_pass

U  /home/U/.private  /home/U/private  –public  nonempty

Using –public will ensure proper file ownership; no matter if encfs is mounted by root (gdm/X) or by your normal user. You might have to restart gdm, sshd, etc before your new PAM settings take effect.

By now the folder /home/U/private/ will be mounted at login time. Everything you put in there will be encrypted into /home/U/.private/.

I guess I shold mention that my Eee is a DebianEee. I have no idea how well this will work on the default Xandros Eee installation.

Howto , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

Please log in to WordPress.com to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.