I am trying to beef up my security on a remote NUC running Slackware 14.1 by no longer allowing password logins via SSH...and only allowing public key authentications.
I was able to log in remotely and generate the keys; however, what I soon realized was that when trying to transfer the keys via SFTP, ecryptfs does not mount my private directory, leaving the keys stranded because I couldn't find a way to send
ecryptfs-mount-private to the NUC's shell via SFTP.
Whenever I log in via SSH, ecryptfs automatically mounts my encrypted directory.
I tried to run
ecryptfs-umount-private while SSH'd in (to add the mount directive to ~/.profile as suggested
here, even though it is an Ubuntu forum), but any calls to anything ecryptfs produce command not found from bash.
This is puzzling to me because when I SFTP in, I see the text file instructing me to run
ecryptfs-mount-private. Slackware's implementation of ecryptfs must not allow tinkering with encrypted home directories?
Is there any way to retrieve my authentication keys remotely via SFTP, or is it just not possible to unmount the encrypted filesystem in SSH to induce configuration via
unmounted ~/.profile?
Even if I was able to create an
unmounted ~/.profile, would Slackware even care?