[clug] SSH Public key auth + Encrypted home dir
Jeremy Kerr
jk at ozlabs.org
Mon Aug 24 06:56:01 MDT 2009
Ben,

> The gist is that sshd can't read your authorized_keys file while your
> home directory is unmounted (and encrypted). Of course it's fine if
> another session has already decrypted and mounted $HOME.

You could change the server's AuthorizedKeysFile configuration, to look in a
common folder (/etc/sshd/authorized_keys/$USER perhaps?), rather than
within the user's home dir (which is overwritten during the mount). Then just
symlink ~/.ssh/authorized_keys to this file.

This way you only have one copy of the authorized_keys file, and it'll be
available both before and after login.

However, this still doesn't solve the issue you'll have next, which is that
your encrypted filesystem won't be mounted when logging in via ssh (since the
ssh authentication never has your logon password). You can always mount it
manually though.

Cheers,

Jeremy
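
The relocation suggested in the message above, as an added example that is not part of the original mail: it moves a user's key file to the shared directory, symlinks it back, and checks the file mode that sshd's StrictModes expects. The function names and the optional ROOT prefix are assumptions of this sketch; the directory is the one the mail proposes.

```shell
#!/bin/sh
# Server side, in sshd_config (%u expands to the login name):
#   AuthorizedKeysFile /etc/sshd/authorized_keys/%u
# Run move_keys as root while the user's home is mounted, so the symlink
# ends up inside the decrypted home directory.

KEYDIR=/etc/sshd/authorized_keys   # path suggested in the mail

# move_keys USER HOME [ROOT]
# Move USER's authorized_keys to $KEYDIR/USER and symlink it back.
# ROOT is a hypothetical prefix for trying this in a scratch tree.
move_keys() {
    user=$1; home=$2; root=${3:-}
    src="$root$home/.ssh/authorized_keys"
    dst="$root$KEYDIR/$user"

    if [ ! -f "$src" ] || [ -L "$src" ]; then
        echo "not a regular file: $src" >&2; return 1
    fi
    if [ -e "$dst" ]; then
        echo "refusing to overwrite $dst" >&2; return 1
    fi

    mkdir -p "$root$KEYDIR" || return 1
    chmod 755 "$root$KEYDIR" || return 1
    cp "$src" "$dst" || return 1
    chmod 600 "$dst" || return 1
    # The user must own the file to keep editing it; chown needs root.
    if [ "$(id -u)" -eq 0 ]; then
        chown "$user" "$dst" || return 1
    fi
    # Link to the real system path, not the scratch path.
    ln -sf "$KEYDIR/$user" "$src"
}

# keyfile_ok FILE
# True if FILE is a regular file that group and others cannot write,
# which sshd's StrictModes (on by default) requires of the key file.
keyfile_ok() {
    [ -n "$(find "$1" -prune -type f ! -perm -020 ! -perm -002 2>/dev/null)" ]
}
```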