Automatically mount encrypted filesystems at login with pam_mount


 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements UNIX and Linux RSS News Automatically mount encrypted filesystems at login with pam_mount
# 1  
Old 11-06-2008
Automatically mount encrypted filesystems at login with pam_mount

11-06-2008 09:00 AM
The pam_mount project lets you unlock an encrypted filesystem automatically when you log in. The same password used to log in is used as the key to unlock the encrypted filesystem, so you only need to type it once. Using this method, you can easily share a laptop and have only a single user's home directory unlocked and mounted when he logs in. And pam_mount can mount any filesystem, not just encrypted filesystems, so you can use it, for example, with an NFS share that you are interested in but which you might not like to leave mounted when you are not logged in.



Source...
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

How can we re-mount the RAM disk automatically after the reboot on AIX?

Hi All, I was trying to know more about RAM disk concept in AIX. I found something on IBM site. I was able to create and use/delete RAM disk as per IBM instructions. But as you guys know, this RAM disk is a temporary storage. (*when ever we reboot the AIX LPAR, content/RAM disk will be... (4 Replies)
Discussion started by: System Admin 77
4 Replies

2. OS X (Apple)

Creating a hidden partition that doesn't mount automatically

I have a drive full of diagnostic images (ASD), and I also use it for storage, installers, etc. When I plug it in to a booted system, it has to mount every single volume (about 25) which can take some time. I would like to keep all the ASD partitions from mounting when plugged in/at boot. I know... (0 Replies)
Discussion started by: nextyoyoma
0 Replies

3. UNIX for Advanced & Expert Users

Login putty automatically

Hi Guys , I am using putty.exe file to login to servers . I heard that there is way to save my username and password in putty so that i no need to give my creds while logging into putty . If so please provide me th way to do so . Please note : I am not talking about keyfile . Thanks in... (6 Replies)
Discussion started by: radha254
6 Replies

4. AIX

NFS mount nested filesystems ?

Hello, machine1:mount /dev/lv1 /dir1 mount /dev/lv2 /dir1/subdir1 exportfs /dir1 machine2: If I do NFS mount: mount machine1:/dir1 /foreign1 then /foreign1/subdir1 is empty. Does NFS supports this kind of mounting ? thanks Vilius (2 Replies)
Discussion started by: vilius
2 Replies

5. UNIX for Advanced & Expert Users

script to automatically mount external usb hard disk

hi all, I have a debian lenny 5.0 server without GNOME installed. the server is at a customer's premise. I want to backup data from the server to the external usb hard disk. the backup will start at e.g 01:00 everyday. the user will plug the drive before going home. also the user will... (1 Reply)
Discussion started by: coolatt
1 Replies

6. AIX

How to automatically load a script once I login?

Hi, may I know how to automatically load a script once I login? For example, I want to load "set -o vi" command once I login in my Aix. (2 Replies)
Discussion started by: ngaisteve1
2 Replies

7. Shell Programming and Scripting

Automatically change to Bash shell after login

Hi men, I think this must be a very common job. "How could to Automatically change to Bash shell after login and then jail user can only using this shell". I want monitor user works.However it just only effect on Bash shell. Consequently if the user change the shell it will be worthless. ... (4 Replies)
Discussion started by: tien86
4 Replies

8. AIX

Filesystems automatically umounted Closed/Synced

Hello friends, I am confused with one of aix filesystem problem. On one of my server, some of my rootvg filesystems shows Closed/synced status for i.e /home, /var/adm/ras/platform Everyday i manually mount these filesystems. What is the reason causing filesystems to go in Closed/synced... (4 Replies)
Discussion started by: Shrek
4 Replies

9. UNIX for Advanced & Expert Users

Can we launch a shell script automatically upon ssh login?

Greetings all, I'll just like to know if it is possible to launch a shell script automatically upon a user's successful login into ssh from a remote host, without adding a command parameter to the ssh command... ie. after keying in ssh username@host (not ssh username@host "command") and upon... (1 Reply)
Discussion started by: rockysfr
1 Replies

10. AIX

Vi opens automatically when i login to a unix box

When I login to a unix box using a putty session , I'm landed in a vi editor, instead of my home directory,I'm guessing instead of pointing me to my home directory, the system points me to /usr/bin/vi. As a result, everytime I log into the system I open up a vi editor and am in there. how do i... (3 Replies)
Discussion started by: ramky79
3 Replies
Login or Register to Ask a Question
mount.crypt(8)							     pam_mount							    mount.crypt(8)

Name
       mount.crypt - mount a dm-crypt encrypted volume

Syntax
       mount.crypt [-nrv] [-o options] device directory

Options
       -o options
	      Set further mount options. mount.crypt will take out its own options it recognizes and passes any remaining options on to the under-
	      lying mount program. See below for possible options.

       -n     Do not update /etc/mtab. Note that this makes it impossible to unmount the volume by naming the container - you will  have  to  pass
	      the mountpoint to umount.crypt.

       -r     Set  up  the loop device (if necessary) and crypto device in read-only mode.  (The mount itself will necessarily also be read-only.)
	      Note that doing a remount using `mount /mnt -o remount,rw` will not make the mount readwrite. The crypto and loop devices will  have
	      to be disassociated first.

       -v     Turn on debugging and be a bit more verbose.

Mount options
       cipher The  cryptsetup  cipher  used  for  the  encrypted  volume.  This option is mandatory.  pmt-ehd(8) defaults to creating volumes with
	      "aes-cbc-essiv:sha256" as a cipher.

       dm-timeout=seconds
	      Wait at most this many seconds for udev to create /dev/mapper/name after calling cryptsetup(8). The default value is 0 seconds.

       fsck   Run fsck on the container before mounting it.

       fsk_cipher
	      The OpenSSL cipher used for the filesystem key.

       fsk_hash
	      The OpenSSL hash used for producing key and IV.

       fstype The exact type of filesystem in the encrypted container. The default is to let the kernel autodetect.

       keyfile
	      The path to the key file. This option is mandatory for "normal" crypto volumes and should not be used for LUKS volumes.

       remount
	      Causes the filesystem to be remounted with new options. Note that mount.crypt cannot switch the underlying loop device (if  applies)
	      or the crypto device between read-only and read-write once it is created; only the actual filesystem mount can be changed, with lim-
	      its. If the loop device is read-only, the crypto device will be read-only, and changing the mount to read-write is impossible.  Sim-
	      ilarly,  going from rw to ro will only mark the mount read-only, but not the crypto or loop device, thus making it impossible to set
	      the filesystem the crypto container is located on to read-only.

       ro     Same as the -r option.

       verbose
	      Same as the -v option.

Obsolete mount options
       This section is provided for reference.

       loop   This option used to set up a loop device, because cryptsetup(8) expects a block device. The option is  ignored  because  mount.crypt
	      can figure this out on its own.

pam_mount							    2008-10-08							    mount.crypt(8)