Commits a working script that uses gnome-keyring to mount my encrypted /home partition on my external hdd.

- Gets passphrase using the gkeyring command - Mounts the pre requisites first - Uses fnek_sig from keyring as well
2014-06-06 13:21:12 +05:30 · 2014-06-06 13:21:12 +05:30 · ffbacbab72
parent e4c3528191
commit ffbacbab72
2 changed files with 31 additions and 0 deletions
--- a/10
+++ b/10
@ -0,0 +1,10 @@
+#!/usr/bin/python
+# EASY-INSTALL-ENTRY-SCRIPT: 'gkeyring==0.3','console_scripts','gkeyring'
+__requires__ = 'gkeyring==0.3'
+import sys
+from pkg_resources import load_entry_point
+
+if __name__ == '__main__':
+    sys.exit(
+        load_entry_point('gkeyring==0.3', 'console_scripts', 'gkeyring')()
+    )
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+#!/bin/bash
+echo "Mounting /dev/sdb1 on /media via mount -a"
+sudo mount -a
+echo "Mounting /dev/sdb2 on /media/nemo/home"
+sudo mount /dev/sdb2 /media/nemo/home
+echo "Mounting /dev/sdb3 on /media/nemo/live"
+sudo mount /dev/sdb3 /media/nemo/live
+echo "Mounting encrypted partition"
+echo "Fetching passphrase from gnome-keyring"
+export PASSPHRASE=`gkeyring --name 'seagate_passphrase' -l -o secret`
+export FNEK_SIG=`gkeyring --name 'seagate_fnek_sig' -l -o secret`
+
+#We use the method of adding passphrase to a file because command line args can be read by ps
+echo "passphrase_passwd=$PASSPHRASE" > /tmp/passphrase
+#Add the passphrase to ecryptfs manager
+echo $PASSPHRASE | sudo ecryptfs-add-passphrase --fnek
+#Mount the encrypted partition
+sudo mount -t ecryptfs /media/nemo/home/.ecryptfs/nemo/.Private/ /media/nemo/home/nemo/ -o ecryptfs_sig=1b2d93c21180690d,ecryptfs_fnek_sig=$FNEK_SIG,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,key=passphrase:passphrase_passwd_file=/tmp/passphrase
+echo "Deleting passphrase file"
+rm /tmp/passphrase
+echo "Done"