Could you have a skeleton home directory with just .ssh/authorized_keys in it that then has the LUKS filesystem mounted over it?<br><br>Alternatively, you can specify a different path for the authorized_keys file in sshd_config, see the man page for that:<br>
<br>"""<br> AuthorizedKeysFile<br> Specifies the file that contains the public keys that can be used for user authenti‐<br> cation. AuthorizedKeysFile may contain tokens of the form %T which are substituted<br>
during connection setup. The following tokens are defined: %% is replaced by a lit‐<br> eral ’%’, %h is replaced by the home directory of the user being authenticated, and<br> %u is replaced by the username of that user. After expansion, AuthorizedKeysFile is<br>
taken to be an absolute path or one relative to the user’s home directory. The<br> default is “.ssh/authorized_keys”.<br>"""<br><br><br>-Ian<br><br><div class="gmail_quote">On Wed, Jul 22, 2009 at 00:24, Paul Bartell <span dir="ltr"><<a href="mailto:paul.bartell@gmail.com">paul.bartell@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Perhaps use LUKS encryption, and mount it underneath the homedir so it<br>
would be like /home/you/crypt/<br>
<br>
or<br>
<br>
mount .ssh separately, from a file or something.<br>
<br>
I dont know. There arent many good options.<br>
<div><div></div><div class="h5"><br>
On Wed, Jul 22, 2009 at 5:16 AM, Eric Jahn<<a href="mailto:eric@ejahn.net">eric@ejahn.net</a>> wrote:<br>
> Good evening gentlepeople,<br>
> I have ssh keys working well between my boxes, and pam_mount nicely<br>
> decrypts my luks encrypted home dirs, *with a password*. But, I'd like<br>
> to ssh *using a key* into my box, which would then cause pam_mount to<br>
> decrypt my home dir. But this doesn't work and I don't even know if<br>
> there is a good way to do this, because pam_mount can't get to my .ssh<br>
> folder to verify the key until it decrypts the home dir. Does anyone<br>
> have a solution? Thanks! -Eric<br>
><br>
> _______________________________________________<br>
> Gslug-general mailing list<br>
> <a href="mailto:Gslug-general@gslug.org">Gslug-general@gslug.org</a><br>
> <a href="http://lists.gslug.org/mailman/listinfo/gslug-general" target="_blank">http://lists.gslug.org/mailman/listinfo/gslug-general</a><br>
><br>
<br>
<br>
<br>
</div></div><font color="#888888">--<br>
Random quote of the week/month/whenever i get to updating it: "Quis custodiet<br>
ipsos custodes?": "who shall watch the watchers themselves?" - Juvenal<br>
</font><div><div></div><div class="h5">_______________________________________________<br>
Gslug-general mailing list<br>
<a href="mailto:Gslug-general@gslug.org">Gslug-general@gslug.org</a><br>
<a href="http://lists.gslug.org/mailman/listinfo/gslug-general" target="_blank">http://lists.gslug.org/mailman/listinfo/gslug-general</a><br>
</div></div></blockquote></div><br>