1mount.ecryptfs_private(1) eCryptfs mount.ecryptfs_private(1)
2
3
4
6 mount.ecryptfs_private - eCryptfs private mount helper.
7
8
10 mount.ecryptfs_private [ALIAS]
11
12 NOTE: This program will not dynamically load the relevant keys. For
13 this reason, it is recommended that users use ecryptfs-mount-private(1)
14 instead!
15
16
18 mount.ecryptfs_private is a mount helper utility for non-root users,
19 who are members of ecryptfs group, to cryptographically mount a private
20 directory, ~/Private by default.
21
22 This program optionally takes one argument, ALIAS. If ALIAS is omit‐
23 ted, the program will default to using "Private" using:
24 - $HOME/.Private as the SOURCE
25 - $HOME/Private as the DESTINATION
26 - $HOME/.ecryptfs/Private.sig for the key signatures.
27
28 If ALIAS is specified, then the program will look for an fstab(5) style
29 configuration in:
30 - $HOME/.ecryptfs/ALIAS.conf and for key signature(s) in:
31 - $HOME/.ecryptfs/ALIAS.sig
32
33 The mounting will proceed if, and only if:
34 - the required passphrase is in their kernel keyring, and
35 - the current user owns both the SOURCE and DESTINATION mount points
36 - the DESTINATION is not already mounted
37
38 This program will:
39 - mount SOURCE onto DESTINATION
40 - as an ecryptfs filesystem
41 - using the AES cipher
42 - with a key length of 16 bytes
43 - using the passphrase whose signature is in ~/.ecryptfs/Private.sig
44
45 The only setuid operation in this program is the call to mount(8) or
46 umount(8).
47
48 The ecryptfs-setup-private(1) utility will create the ~/.Private and
49 ~/Private directories, generate a mount passphrase, wrap the
50 passphrase, and write the ~/.ecryptfs/Private.sig.
51
52 The system administrator can add the pam_ecryptfs.so module to the PAM
53 stack which will automatically use the login passphrase to unwrap the
54 mount passphrase, add the passphrase to the user's kernel keyring, and
55 automatically perform the mount. See pam_ecryptfs(8).
56
57
59 ~/.Private - underlying directory containing encrypted data
60
61 ~/Private - mountpoint containing decrypted data (when mounted)
62
63 ~/.ecryptfs/Private.sig - file containing signature of mountpoint
64 passphrase
65
66 ~/.ecryptfs/wrapped-passphrase - mount passphrase, encrypted with the
67 login passphrase
68
69
71 ecryptfs(7), ecryptfs-rewrap-passphrase(1), ecryptfs-setup-private(1),
72 keyctl(1), mount(8), umount.ecryptfs_private(1), pam_ecryptfs(8),
73 fstab(5)
74
75 /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
76
77 http://launchpad.net/ecryptfs/
78
79
81 This manpage and the mount.ecryptfs_private utility was written by
82 Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be
83 used by others). Permission is granted to copy, distribute and/or mod‐
84 ify this document under the terms of the GNU General Public License,
85 Version 2 or any later version published by the Free Software Founda‐
86 tion.
87
88 On Debian systems, the complete text of the GNU General Public License
89 can be found in /usr/share/common-licenses/GPL.
90
91
92
93ecryptfs-utils 2008-07-21 mount.ecryptfs_private(1)