Auto-mounting an ecryptfs partition which is on a usb drive
 

I have an ecryptfs partition on a usb drive, system runs Debian squeeze.

What I'd like to have is that when I connect the drive it will be auto. mounted and I'll either have to enter the passphrase or it will already be in the keyring (even better).

It seems ecryptfs can auto-mount a directory but I want to auto-mount an entire encrypted partition. Is this possible?.

Also, can I have another encrypted directory, say ~/Private, at the same time or can ecryptfs handle only one at a time?.

Thanks,
Mike.

You do not mount directories. Directories are files.

eCryptfs has to work as a layer on top of another filesystem.
When you mount eCryptfs over a directory, it decrypts the files in it... allowing plain-text access.
overview of concepts including dicussions of the sorts of security issues that ecryptfs is supposed to solve.

You can get ecryptfs "partitions" to mount at boot easily enough:
https://help.ubuntu.com/9.04/serverg.../ecryptfs.html
... the approach is to mount the partition fs first, then mount ecryptfs over the top of that.

presumably you can do something similar for hotpluggable devices in the udev rules.

Cannot see any reason you cannot have more than one ecryptfs encrypted directory. Easy to check. Try it and see.

Thanks Simon.

I think I've got it working. Two partitions on the USB stick, encrypted and unecrypted.
The encrypted gets mounted auto. via fstab, first with UUID (for example mounting /dev/sdc1 to /media/usb1) and then another entry for ecryptfs. Default ecryptfs mount options in ~/.ecryptfsrc

Cheers.

Well done. Knew you'd do it.