|
1442.
|
|
|
Automatically Mounting Encrypted Partitions
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1722(title)
|
|
1443.
|
|
|
There are a couple of ways to automatically mount an <application>ecryptfs</application> encrypted filesystem at boot. This example will use a <filename>/root/.ecryptfsrc</filename> file containing mount options, along with a passphrase file residing on a USB key.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1724(para)
|
|
1444.
|
|
|
First, create <filename>/root/.ecryptfsrc</filename> containing:
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1730(para)
|
|
1445.
|
|
|
key=passphrase:passphrase_passwd_file=/mnt/usb/passwd_file.txt
ecryptfs_sig=5826dd62cf81c615
ecryptfs_cipher=aes
ecryptfs_key_bytes=16
ecryptfs_passthrough=n
ecryptfs_enable_filename_crypto=n
|
|
|
represents a line break.
Start a new line in the equivalent position in the translation.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1734(programlisting)
|
|
1446.
|
|
|
Adjust the <emphasis>ecryptfs_sig</emphasis> to the signature in <filename>/root/.ecryptfs/sig-cache.txt</filename>.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1744(para)
|
|
1447.
|
|
|
Next, create the <filename>/mnt/usb/passwd_file.txt</filename> passphrase file:
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1749(para)
|
|
1448.
|
|
|
passphrase_passwd=[secrets]
|
|
|
represents a line break.
Start a new line in the equivalent position in the translation.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1753(programlisting)
|
|
1449.
|
|
|
Now add the necessary lines to <filename>/etc/fstab</filename>:
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1757(para)
|
|
1450.
|
|
|
/dev/sdb1 /mnt/usb ext3 ro 0 0
/srv /srv ecryptfs defaults 0 0
|
|
|
represents a line break.
Start a new line in the equivalent position in the translation.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1761(programlisting)
|
|
1451.
|
|
|
Make sure the USB drive is mounted before the encrypted partition.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
serverguide/C/security.xml:1766(para)
|