Hi Jakob, Am Dienstag, 17. Januar 2012 schrieb Jakob Unterwurzacher: > On 17.01.2012 09:37, Martin Steigerwald wrote: > > Am Dienstag, 17. Januar 2012 schrieb Jakob Unterwurzacher: > >> On 16.01.2012 10:44, Martin Steigerwald wrote: > >>> Hi! > >>> > >>> I have > >>> > >>> merkaba:~> grep ecrypt /etc/fstab > >>> /home/.ms /home/ms ecryptfs > >>> noatime,noauto 0 0 > >>> > >>> And get: > >>> > >>> merkaba:~> mount /home/ms > > > >>> Passphrase: > > […] > > > >>> Error mounting eCryptfs: [-5] Input/output error > > > > […] > > > >>> Still it works. > >>> > >>> > >>> In dmesg I see: > >>> > >>> [ 2657.888355] ecryptfs_parse_options: eCryptfs: unrecognized option > >>> [noauto] > >>> [ 2657.888359] ecryptfs_parse_options: eCryptfs: unrecognized option > >>> [noatime] > >>> [ 2657.913215] alg: No test for __gcm-aes-aesni > >>> (__driver-gcm-aes-aesni) > >>> > >>> > >>> Thus I removed at least noatime, but then I still see: > >>> > >>> [ 2839.460200] ecryptfs_parse_options: eCryptfs: unrecognized option > >>> [noauto] > > > > […] > > > >>> Without noatime it would ask me the passwort upon boot, but I do not > >>> like that since I do not use that user everytime. > > > > noauto that is. > > > >>> I could use mounting via pam, but I like to have a different password > >>> for the user stored in /etc/shadow than the password from the > >>> filesystem itself. > >> > >> Note that this should work by creating ~/.ecryptfs/wrapping-independent > >> . Pam will ask for the ecryptfs password explicitely then. > > > > Thanks. > > > > Would that also work within a display manager like kdm? > > > > Ciao, > > Yes! It will ask for two passwords on login. Hmmm, I think this won't work for me. This is used by ecryptfs-mount-private it seems, but I am not only encrypting /home/$USER/Private, but /home/$USER itself. Thus I'd like to mount ~ as is with a different passphrase than my PAM login password. I tried putting an empty ~/.ecryptfs/wrapping-independent, which has the sig- cache.txt for the /home/ms mount but this doesn't do the trick, I am not asked for a password and home directory remains empty. I could put Is it true that PAM ecryptfs stuff is only for a ~/Private directory? Then that would be a reason for me to make a feature request ;). Thanks, -- Martin Steigerwald - teamix GmbH - http://www.teamix.de gpg: 19E3 8D42 896F D004 08AC A0CA 1E10 C593 0399 AE90 -- To unsubscribe from this list: send the line "unsubscribe ecryptfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
