1mount.ecryptfs_private(1) eCryptfs mount.ecryptfs_private(1)
2
3
4
6 mount.ecryptfs_private - eCryptfs private mount helper.
7
8
10 mount.ecryptfs_private [ALIAS]
11
12 NOTE: This program will not dynamically load the relevant keys. For
13 this reason, it is recommended that users use ecryptfs-mount-private(1)
14 instead!
15
16
18 mount.ecryptfs_private is a mount helper utility for non-root users to
19 cryptographically mount a private directory, ~/Private by default.
20
21 This program optionally takes one argument, ALIAS. If ALIAS is omit‐
22 ted, the program will default to using "Private" using:
23 - $HOME/.Private as the SOURCE
24 - $HOME/Private as the DESTINATION
25 - $HOME/.ecryptfs/Private.sig for the key signatures.
26
27 If ALIAS is specified, then the program will look for an fstab(5) style
28 configuration in:
29 - $HOME/.ecryptfs/ALIAS.conf and for key signature(s) in:
30 - $HOME/.ecryptfs/ALIAS.sig
31
32 The mounting will proceed if, and only if:
33 - the required passphrase is in their kernel keyring, and
34 - the current user owns both the SOURCE and DESTINATION mount points
35 - the DESTINATION is not already mounted
36
37 This program will:
38 - mount SOURCE onto DESTINATION
39 - as an ecryptfs filesystem
40 - using the AES cipher
41 - with a key length of 16 bytes
42 - using the passphrase whose signature is in ~/.ecryptfs/Private.sig
43
44 The only setuid operation in this program is the call to mount(8) or
45 umount(8).
46
47 The ecryptfs-setup-private(1) utility will create the ~/.Private and
48 ~/Private directories, generate a mount passphrase, wrap the
49 passphrase, and write the ~/.ecryptfs/Private.sig.
50
51 The system administrator can add the pam_ecryptfs.so module to the PAM
52 stack which will automatically use the login passphrase to unwrap the
53 mount passphrase, add the passphrase to the user's kernel keyring, and
54 automatically perform the mount. See pam_ecryptfs(8).
55
56
58 ~/.Private - underlying directory containing encrypted data
59
60 ~/Private - mountpoint containing decrypted data (when mounted)
61
62 ~/.ecryptfs/Private.sig - file containing signature of mountpoint
63 passphrase
64
65 ~/.ecryptfs/wrapped-passphrase - mount passphrase, encrypted with the
66 login passphrase
67
68
70 ecryptfs(7), ecryptfs-rewrap-passphrase(1), ecryptfs-setup-private(1),
71 keyctl(1), mount(8), umount.ecryptfs_private(1), pam_ecryptfs(8),
72 fstab(5)
73
74 /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
75
76 http://ecryptfs.org/
77
78
80 This manpage and the mount.ecryptfs_private utility was written by
81 Dustin Kirkland <kirkland@ubuntu.com> for Ubuntu systems (but may be
82 used by others). Permission is granted to copy, distribute and/or mod‐
83 ify this document under the terms of the GNU General Public License,
84 Version 2 or any later version published by the Free Software Founda‐
85 tion.
86
87 On Debian and Ubuntu systems, the complete text of the GNU General Pub‐
88 lic License can be found in /usr/share/common-licenses/GPL.
89
90
91
92ecryptfs-utils 2008-07-21 mount.ecryptfs_private(1)