4

I am trying to get an EncFS encrypted home to mount at boot without user input (directly, not via ssh). Have tried various solutions (adding a volume entry in pam_mount.conf.xml, various tweaks to various pam files) with no joy. Can mount the encfs directory just fine manually, but it requires manual entry of the password. Can accomplish all of this with an expect script...

There are a number of posts on automounting encfs at boot, but can't get any of them to work (short of the expect script).

Can anyone suggest how to do this (am using Debian Squeeze)? Or is an expect script the best way to go?

Thanks!

senrabdet
  • Anyone? If we changed what we are asking to getting encfs to mount at login, we are asked a 2nd time for the password. Again, have tried various posts that suggest tweaks to things like /etc/pam.d/common-auth with no success. If we want encfs to mount automatically at login, any suggestions to avoid the 2nd request for the pw? Thanks! – senrabdet Jan 21 '13 at 16:20

4 Answers

3

You can pipe the password to encfs like this:

echo password | encfs -S /crypted /uncrypted

Stone
2

I simply use a bash script like this one-liner:

#!/bin/bash
ENCFS6_CONFIG="/home/<user>/.keys/encfs/key_data.xml" encfs -o nonempty --extpass='/home/<user>/.keys/encfs/key_data_pw' /run/media/<user>/data /home/<user>/DATA

The use of ENCFS6_CONFIG and extpass is well documented in the EncFS docs.

fradeve
1

Also on Squeeze, I use this line in /etc/rc.local:

/usr/local/sbin/mount_crypted_encfs.exp

And the script is:

#!/usr/bin/expect -f

set timeout 1

spawn /usr/bin/encfs /crypted /uncrypted -- -o allow_other -o default_permissions
expect "EncFS Password:"
send "myPassword\r" 

expect eof

But one out of ten times, it fails mounting and I have to run the expect script manually :-/

LolZim
0

I use the SD card as the key to open the encfs folder, but you can use a file specific to your system.

encfs /home/user/crypted /home/user/uncrypted -o umask='007' --public --extpass='udevadm info --query=all --name=/dev/mmcblk0p1 | grep ID_SERIAL'

Put this in your rc.local, or run it as a service.
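
Added example, not part of any of the answers above: a helper for the --extpass option used in two of the answers. It keeps the passphrase out of the mount script and refuses to print it when the secret file is a symlink, is owned by another user, or is readable by group or others. The function name read_secret, the helper path /usr/local/sbin/encfs-pass and the secret path /root/.keys/encfs.pass are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original answers: an --extpass helper for EncFS.
# It prints the passphrase only when the secret file is a regular file owned
# by the calling user with no group/other permission bits.
# Assumed install path and secret path (both constructed for illustration):
#   encfs --extpass='/usr/local/sbin/encfs-pass /root/.keys/encfs.pass' \
#         /crypted /uncrypted
# Requires GNU stat (coreutils), as shipped on Debian.

# read_secret FILE: write the first line of FILE to stdout, or return 1.
read_secret() {
    rs_file=$1
    # A symlink could redirect the read to a file someone else controls.
    if [ -L "$rs_file" ] || [ ! -f "$rs_file" ]; then
        echo "encfs-pass: $rs_file is not a regular file" >&2
        return 1
    fi
    rs_owner=$(stat -c '%u' "$rs_file") || return 1
    rs_mode=$(stat -c '%a' "$rs_file") || return 1
    if [ "$rs_owner" != "$(id -u)" ]; then
        echo "encfs-pass: $rs_file is not owned by uid $(id -u)" >&2
        return 1
    fi
    # Octal mode must end in 00 (for example 600 or 400).
    case $rs_mode in
        *00) ;;
        *)  echo "encfs-pass: $rs_file has mode $rs_mode, want 600" >&2
            return 1 ;;
    esac
    # EncFS reads the passphrase from the helper's stdout.
    head -n 1 "$rs_file"
}

# Act only when called with a file argument, as in the encfs line above.
if [ "$#" -gt 0 ]; then
    read_secret "$1" || exit 1
fi
```

If the helper exits non-zero, EncFS receives no passphrase and the mount fails, so a permissions regression on the secret file shows up at boot.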