Difference between revisions of "Ecryptfs Home with SSH Key Login"

• To remote Login to a System with ecryptfs Home and SSH Public Key Auth do:
• Create .ssh folder in /home for the keys to be stored

$sudo mkdir /home/.ssh

• move existing authorized_keys file into .ssh dir as username

$sudo mv ~/.ssh/authorized_keys /home/.ssh/username
$sudo chmod 600 /home/.ssh/username

• c reate symbolic link to authorized_keys file in user .ssh

$ln -s /home/.ssh/username ~/.ssh/authorized_keys

• update sshd config file to set the new path for the authorized_keys file

$sudo nano /etc/ssh/sshd_config

• change the AuthorizedKeysFile line to:

AuthorizedKeysFile      /home/.ssh/%u

• change User Profile to auto mount ecryptfs-home

$sudo nano ~/.profile

• add these lines at the Top Line 3-5:

ecryptfs-mount-private
cd /home/username

• copy the .profile outside home to tmp,later back to UNMOUNTED /home/username!

$sudo cp ~/.profile /tmp # if the User is logged OUT, cause the ecrpyt-mount needs a .profile!
$sudo mv /tmp/.profile /home/username 

• check correct file rights!

$sudo ls -l /home/username/.profile

• reboot

$sudo reboot

• Test the remote SSH Login to the System the Home must now be unlocked and mounted as /home/Username/.Private