Ubuntu – Ecryptfs on too-small harddrive – how to add links into the encryption

ecryptfs

I am using ecryptfs for my home directory. I now want to switch to an SSD but my home dir is currently 350gb in size and I don't have the money to buy an ssd that size. What I got is a 128gb ssd that I want to install the root system on, as well as the "base" of my home directory (incl. source code, configuration files, i.e. the files used most often). All the subdirectories that contain lots of data but are rarely accessed (music, pictures, documents) I want to keep on a plain hdd and just link the directories in. However esp. for pictures and documents I really do want to keep encryption.

Is there an official / efficient / easy / secure way to soft-link directories from another location into my home directory and also being encrypted? Ideally ecryptfs would handle this automatically, however auto-mounting of these directories (preferably at least semi-automatically but definitely securely) would be an acceptable compromise.

Best Answer

You can accomplish this using mount.ecryptfs_private's alias feature. From the manpage:

   mount.ecryptfs_private  is a mount helper utility for non-root users to
   cryptographically mount a private directory, ~/Private by default.

   This program  optionally  takes  one  argument,  ALIAS.   If  ALIAS  is
   omitted, the program will default to using "Private" using:
    - $HOME/.Private as the SOURCE
    - $HOME/Private as the DESTINATION
    - $HOME/.ecryptfs/Private.sig for the key signatures.

   If ALIAS is specified, then the program will look for an fstab(5) style
   configuration in:
    - $HOME/.ecryptfs/ALIAS.conf and for key signature(s) in:
    - $HOME/.ecryptfs/ALIAS.sig
Related Question