-
Notifications
You must be signed in to change notification settings - Fork 241
Mounting on login with Gnome keyring
To automatically mount an encrypted folder at user login, the gnome keyring service can be used on many Linux distributions (tested on Solus Linux).
First step is to store the password in the keyring. The label assigned is only used to easily identify the different passwords stored in the keyring. One or more attribute/value pairs can be stored with the password and are used later for the lookup. Below example suggests to use the path of the encrypted folder for the lookup and call the attribute "cipher".
secret-tool store --label="MyLabel" cipher /path/to/encyrpted/folder
Now the stored password can be used by gocryptfs with the --extpass option
gocryptfs --extpass="secret-tool lookup cipher /path/to/encyrpted/folder" /path/to/encyrpted/folder /path/to/plain/folder
This command can be directly added to the auto-start commands to mount the encrypted folder at user login since the user keyring is usually automatically unlocked at user login.
Note: Avoid to use any space characters in the attribute or value strings. This will cause issues with gocryptfs --extpassoption.