Linux command
pam_ecryptfs 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Auto-mount encrypted home
auth optional pam_ecryptfs.so unwrap
Session setup
session optional pam_ecryptfs.so unwrap
Password sync
password optional pam_ecryptfs.so
说明
pam_ecryptfs is the PAM glue that makes per-user eCryptfs encrypted home directories transparent at login: when used in the `auth` and `session` stacks it inserts the user's mount passphrase into the kernel keyring (typically by unwrapping `~/.ecryptfs/wrapped-passphrase` with the login password) and then invokes the helper that mounts `~/.Private` (or the entire home) on top of `~`. On logout the session step unmounts and clears the keys. It is the kernel-side counterpart of the ecryptfs-utils suite (`ecryptfs-setup-private`, `ecryptfs-mount-private`).
参数
- unwrap
- Use the user's login passphrase to decrypt the wrapped mount passphrase stored in `~/.ecryptfs/wrapped-passphrase` and add it to the kernel keyring.
FAQ
What is the pam_ecryptfs command used for?
pam_ecryptfs is the PAM glue that makes per-user eCryptfs encrypted home directories transparent at login: when used in the `auth` and `session` stacks it inserts the user's mount passphrase into the kernel keyring (typically by unwrapping `~/.ecryptfs/wrapped-passphrase` with the login password) and then invokes the helper that mounts `~/.Private` (or the entire home) on top of `~`. On logout the session step unmounts and clears the keys. It is the kernel-side counterpart of the ecryptfs-utils suite (`ecryptfs-setup-private`, `ecryptfs-mount-private`).
How do I run a basic pam_ecryptfs example?
Run `auth optional pam_ecryptfs.so unwrap` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does unwrap do in pam_ecryptfs?
Use the user's login passphrase to decrypt the wrapped mount passphrase stored in `~/.ecryptfs/wrapped-passphrase` and add it to the kernel keyring.