ECryptfs: Difference between revisions
imported>Makefu (import from nixos-users) |
imported>Fadenb m (Syntaxhighlight) |
||
| Line 1: | Line 1: | ||
[http://ecryptfs.org/ eCryptfs] is a cryptographic filesystem encrypting each file individually. To install <code>ecryptfs</code> add the following to <code>environment.systemPackages</code>: | [http://ecryptfs.org/ eCryptfs] is a cryptographic filesystem encrypting each file individually. To install <code>ecryptfs</code> add the following to <code>environment.systemPackages</code>: | ||
< | <syntaxhighlight lang="nix">{ | ||
environment.systemPackages = [ | environment.systemPackages = [ | ||
ecryptfs | ecryptfs | ||
ecryptfs-helper | ecryptfs-helper | ||
]; | ]; | ||
}</ | }</syntaxhighlight> | ||
<code>ecryptfs-helper</code> contains utilities to facilitate e.g. encrypting your home folder, mounting it as user, and data recovery. | <code>ecryptfs-helper</code> contains utilities to facilitate e.g. encrypting your home folder, mounting it as user, and data recovery. | ||
| Line 13: | Line 13: | ||
To automatically mount your private folder on login with <code>PAM</code>, add this to your <code>config</code>: | To automatically mount your private folder on login with <code>PAM</code>, add this to your <code>config</code>: | ||
< | <syntaxhighlight lang="nix">{ | ||
security.pam.enableEcryptfs = true; | security.pam.enableEcryptfs = true; | ||
}</ | }</syntaxhighlight> | ||
Revision as of 09:16, 27 August 2017
eCryptfs is a cryptographic filesystem encrypting each file individually. To install ecryptfs add the following to environment.systemPackages:
{
environment.systemPackages = [
ecryptfs
ecryptfs-helper
];
}
ecryptfs-helper contains utilities to facilitate e.g. encrypting your home folder, mounting it as user, and data recovery.
man ecryptfs-setup-private describes how to encrypt your home folder.
To automatically mount your private folder on login with PAM, add this to your config:
{
security.pam.enableEcryptfs = true;
}