add support for using USB devices as key to pam_ecryptfs

Bug #293836 reported by Mathieu Trudel-Lapierre
| Affects | Status | Importance | Assigned to | Milestone |
| --- | --- | --- | --- | --- |
| eCryptfs | Invalid | Undecided | Unassigned | |
| ecryptfs-utils (Ubuntu) | Invalid | Undecided | Unassigned | |

Bug Description

Binary package hint: ecryptfs-utils

An interesting idea, using the existence of a specific connected USB device, such as a pen drive, to act as a key. Maybe through the use of the filesystem's serial number or UUID, or some form of unique identifier from the device?

description: updated
Adam Niedling (krychek) wrote :

Are you sure that this is a bug? Please suggest your ideas at brainstorm.ubuntu.com. This report should be closed if this is not a bug.

Dustin Kirkland  (kirkland) wrote : Re: [Bug 293836] Re: add support for using USB devices as key to pam_ecryptfs

Adam-

I asked Matt to file this here as a bug.

As a developer, I like to track such feature requests in Launchpad as a bug.

Thanks,
:-Dustin

Changed in ecryptfs:
status: New → Confirmed
Changed in ecryptfs-utils:
status: New → Confirmed
Dustin Kirkland  (kirkland) wrote :

Matt-

This should be handled entirely in documentation.

Here are the basic instructions:

Partition and format the USB stick
# fdisk /dev/sdb
# mkfs.ext3 /dev/sdb1

Copy your .ecryptfs to the USB stick
# mount /dev/sdb1 /mnt
# cp -a /home/USERNAME/.ecryptfs/* /mnt
# umount /mnt

Obtain the UUID
# blkid /dev/sdb1

Add to your fstab to mount on boot
UUID=46112c9a-a75d-4122-8975-cde61329w9c /home/USERNAME/.ecryptfs ext3 relatime 0 2

I think that's all you need. It would be *great* if you could perhaps take these instructions, test/tweak them, and add them to a new page in the Community Wiki, perhaps:
 * http://help.ubuntu.com/community/EncryptedPrivateDirectoryUsbKey

:-Dustin
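
A check for the fstab step in the instructions above, as an added example that is not part of the original comment or of ecryptfs-utils: it compares an fstab line with the `blkid` output for the stick before the entry is relied on at boot. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: validate an fstab line against blkid output before rebooting.

# blkid_field NAME LINE: print the value of NAME="..." from one blkid output line.
# The leading-whitespace anchor keeps UUID from matching PARTUUID, TYPE from SEC_TYPE.
blkid_field() {
    printf '%s\n' "$2" | sed -n "s/.*[[:space:]]$1=\"\([^\"]*\)\".*/\1/p"
}

# check_fstab_entry BLKID_LINE FSTAB_LINE MOUNTPOINT
# Prints one line per problem found; returns 0 only when the entry is consistent.
check_fstab_entry() {
    rc=0
    dev_uuid=$(blkid_field UUID "$1")
    dev_type=$(blkid_field TYPE "$1")
    # First three fstab fields: device spec, mount point, filesystem type.
    read -r spec dir fstype _rest <<EOF
$2
EOF
    case $spec in
        UUID=*) fs_uuid=${spec#UUID=} ;;
        *) echo "device field is not UUID=..."; return 1 ;;
    esac
    # ext2/3/4 UUIDs are 8-4-4-4-12 hexadecimal digits.
    if ! printf '%s\n' "$fs_uuid" |
        grep -Eqi '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'; then
        echo "malformed UUID: $fs_uuid"; rc=1
    fi
    [ "$fs_uuid" = "$dev_uuid" ] || { echo "UUID is not the one blkid reports"; rc=1; }
    [ "$fstype" = "$dev_type" ] || { echo "fstab says $fstype, device is $dev_type"; rc=1; }
    [ "$dir" = "$3" ] || { echo "mount point is $dir, expected $3"; rc=1; }
    return $rc
}

# Constructed sample data (not taken from a real system).
SAMPLE_BLKID='/dev/sdb1: UUID="0f3a9c1e-5b7d-4e21-9a46-c2d81e07b35f" TYPE="ext3"'
SAMPLE_GOOD='UUID=0f3a9c1e-5b7d-4e21-9a46-c2d81e07b35f /home/USERNAME/.ecryptfs ext3 relatime 0 2'
SAMPLE_BAD='UUID=0f3a9c1e-5b7d-4e21-9a46-c2d81e07b35f /home/USERNAME/.ecryptfs xfs relatime 0 2'

check_fstab_entry "$SAMPLE_BLKID" "$SAMPLE_GOOD" /home/USERNAME/.ecryptfs && echo "good entry: ok"
check_fstab_entry "$SAMPLE_BLKID" "$SAMPLE_BAD" /home/USERNAME/.ecryptfs || echo "bad entry: rejected"
```

On a real system the first argument would be the output of `blkid /dev/sdb1` and the second the line about to be added to /etc/fstab.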

Changed in ecryptfs:
status: Confirmed → Invalid
Changed in ecryptfs-utils:
status: Confirmed → Invalid
Mathieu Trudel-Lapierre (cyphermox) wrote :

Sure, will do.

I was actually thinking of some way for it to be plug and play, rather
than requiring a reboot or root access to do this, but I think I can
figure it out pretty easily, and I'll include it in the page.
