ecryptfs-setup-private(1) | eCryptfs | ecryptfs-setup-private(1) |
NAME¶
ecryptfs-setup-private - setup an eCryptfs private directory.SYNOPSIS¶
ecryptfs-setup-private [-f|--force] [-w|--wrapping] [-b|--bootstrap] [-n|--no-fnek] [--nopwcheck] [-u|--username USER] [-l|--loginpass LOGINPASS] [-m|--mountpass MOUNTPASS]OPTIONS¶
Options available for the ecryptfs-setup-private command:- -f, --force
- Force overwriting of an existing setup
- -w, --wrapping
- Use an independent wrapping passphrase, different from the login passphrase
- -u, --username USER
- User to setup, default is current user if omitted
- -l, --loginpass LOGINPASS
- System passphrase for USER, used to wrap MOUNTPASS, will interactively prompt if omitted
- -m, --mountpass MOUNTPASS
- Passphrase for mounting the ecryptfs directory, default is 16 bytes from /dev/urandom if omitted
- -b, --bootstrap
- Bootstrap a new user's entire home directory
- --undo
- Display instructions on how to undo an encrypted private setup
- -n, --no-fnek
- Do not encrypt filenames; otherwise, filenames will be encrypted on systems which support filename encryption
- --nopwcheck
- Do not check the validity of the specified login password (useful for LDAP user accounts)
- --noautomount
- Setup this user such that the encrypted private directory is not automatically mounted on login
- --noautoumount
- Setup this user such that the encrypted private directory
is not automatically unmounted at logout
DESCRIPTION¶
ecryptfs-setup-private is a program that sets up a private cryptographic mountpoint for a non-root user.1) exported as environment variables
2) specified on the command line
3) left empty and interactively prompted
- Create ~/.Private (permission 700)
- Create ~/Private (permission 500)
- Backup any existing wrapped passphrases
- Use LOGINPASS to wrap and encrypt MOUNTPASS
- Write to ~/.ecryptfs/wrapped-passphrase
- Add the passphrase to the current keyring
- Write the passphrase signature to ~/.ecryptfs/Private.sig
- Test the cryptographic mount with a few reads and writes
FILES¶
~/.ecryptfs/auto-mountSEE ALSO¶
- ecryptfs-rewrap-passphrase(1), mount.ecryptfs_private(1), pam_ecryptfs(8), umount.ecryptfs_private(1)
-
- /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
-
AUTHOR¶
This manpage and the ecryptfs-setup-private utility was written by Dustin Kirkland <kirkland@ubuntu.com> for Ubuntu systems (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.2008-11-17 | ecryptfs-utils |