how to automatically mount ~/Private using ecryptfs when logging in via ssh pubkey

Posted by andreash on Server Fault See other posts from Server Fault or by andreash
Published on 2011-02-02T14:51:26Z Indexed on 2011/02/02 15:27 UTC
Read the original article Hit count: 362

Filed under:

ssh

|

debian

|

ssh-keys

|

ecryptfs

Raionale: I want to be able to automatically make backups to a remote machine, which will be encrypted with ecryptfs.

The title says it all:

I set up ecryptfs-utils on my Debian Squeeze box, and set up one user to use it via ecryptfs-setup-private. When I log in via SSH using password authentication, the ~/Private directory automatically gets mounted.

How can I achieve that ~/Private also automatically gets mounted when logging in via SSH using public key authentication? Obviously, the best solution would be if ecryptfs could somehow 'use' the SSH public key to en/decrypt the data (I know that then using the user's password would not be able to en/decrypt the data any more; this would be acceptable). Probably, this will not work. So perhaps somehow call ecryptfs-mount-private via ssh before logging in via public key? Probably, then I would need to somehow pipe the passphrase through the SSH connection, right? So I would need to store it on the source machine's file system. Not nice either. Any other ideas?

© Server Fault or respective owner

Related posts about ssh

Problem with hadoop start-dfs.sh

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed and configured hadoop on my Ubuntu 14.04 server, virtualized inside of hyper-v, however I am getting an issue when i run start-dfs.sh root@sUbuntu01:/var/log# start-dfs.sh 14/06/04 15:27:08 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java… >>> More
SSH problems (ssh_exchange_identification: read: Connection reset by peer)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I was running 11.10 and decided to do the full upgrade and come up to 12.04 after the update SSH (not SSHD) is now misbehaving when attempting to connect to other OpenSSH instances. I say OpenSSH as I am running a DropBear sshd on my router and I am able to connect to it. When attempting to connect… >>> More
SSH main process ended

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running ubuntu server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
SSH server not working (respawns until stopped)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running Ubuntu Server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
Cannot SSH after resetting firewall on VPS

as seen on Server Fault - Search for 'Server Fault'
I'm having trouble trying to SSH to my Debian 5 VPS with blacknight. It was working fine until I did the following: Logged into 'Parallels Infrastructure Manager' - Container - Firewall - Set to 'Normal Firewall settings'. It told me there was an error with the IPTables and offered the option again… >>> More

Related posts about debian

Trying to update debian not working

as seen on Super User - Search for 'Super User'
As root i type this command apt-get update and get these error messages. > Err http://security.debian.org lenny/updates Release.gpg Could not resolve 'security.debian.org' Err http://security.debian.org lenny/updates/main… >>> More
Trouble with dns and debian update

as seen on Server Fault - Search for 'Server Fault'
I tried to update my debian dreamplug server with the command running as root apt-get update and recieved these errors. Err http://security.debian.org lenny/updates Release.gpg Could not resolve 'security.debian… >>> More
Errors when installing Open Office

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I followed the first set of instructions on this page to install Open Office: How to install Open Office? However, the last step which says to change the CHMOD of a folder, I got an error saying that the directory does not exist. Open Office now appears in my Ubuntu start menu, but clicking… >>> More
Installing PHP4 on a Debian (lenny) 7 32bit box

as seen on Server Fault - Search for 'Server Fault'
I am trying to install PHP4 on a Debian 7 32bit box but I ran into the following root@php4:~# apt-get update Get:1 http://snapshot.debian.org lenny Release.gpg [189 B] Hit http://snapshot.debian.org lenny Release Ign http://snapshot.debian.org lenny Release Hit http://snapshot.debian.org lenny/main… >>> More
Debian keyring error: "No keyring installed"

as seen on Server Fault - Search for 'Server Fault'
I have a Debian Squeeze EC2 AMI. On booting up an instance with it and trying to install packages with apt-get I get errors saying there is no keyring installed. Here is the error with apt-get update: root@ip:~# apt-get update Get:1 http://ftp.us.debian.org squeeze Release.gpg [1672 B] Ign http://ftp… >>> More