emount – ecryptfs mount

I like to use lots of different ecryptfs directories. I tend to have at least one local one per machine plus one on Ubuntu one, and more. I also like to only have those mounted when I’m using them.

So I wrote a new little tool in my version of ecryptfs-utils, emount. You can find it at ppa:serge-hallyn/ecryptfs. Here is how to use it. Let’s say I usually do

sudo mount -t ecryptfs ~/Ubuntu\ One/gtd ~/gtd

Now I want to be able to do ’emount g’. I create ~/.ecryptfs/g.conf,
which contains a valid fstab entry:

/home/serge/Ubuntu\040One/gtd /home/serge/gtd ecryptfs none 0 0

(Note, that should read the word ‘Ubuntu’, followed by a backslash and the numbers zero four zero, followed by the word One. Google a bit for the troubles wordpress has with backslash zero 🙂 )

I create a passphrase signature file g.sig using:

ecryptfs-wrap-passphrase ~/.ecryptfs/g.sig
Wrapping passphrase:

For the wrapping passphrase, you might want to use your login password,
but at any case this is the passphrase which you will load into your
kernel keychain, which mount will use to unwrap the ecryptfs passphrase
to effect the mount.

Every time I log in, I

Passphrase: (The real passphrase)


ecryptfs-insert-wrapped-passphrase-into-keyring .ecryptfs/g.sig
Passphrase: (The wrapping passphrase)

I’ll probably want the pam_ecryptfs.so library to help with loading
the passphrase, but haven’t worried about that yet.

Now, I can just ’emount g’ to mount, and ‘eumount g’ to unmount
it. Notice that I can add any new mounts that I want without needing
root privileges.

This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to emount – ecryptfs mount

  1. Any chance this will find it into mainline?

    • s3hh says:

      Actually it has. Unfortunately the name ’emount’ didn’t, but the functionality is in mount.ecryptfs_private, as of natty. In my .bashrc, I have:

      alias emount=”mount.ecryptfs_private”
      alias umounte=”umount.ecryptfs_private”

      and so I can do ’emount g’ and ‘umounte g’.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s