Ubuntu – ecrytfs – purpose of Private.sig and Private.mnt


I just switched to ecryptfs and like it in conjunction with incremental backups.
But, what I have not understood is what are Private.sig and Private.mnt files used fore. Why should they be kept especially save for backup as well?

Could anyone please explain?

Best Answer

Private.mnt is a configuration file read by mount.ecryptfs_private at login that defines where your encrypted directory should be mounted. If you've encrypted your home directory, this will be $HOME. But some people choose to encrypt some other directory, perhaps a subset of $HOME, like $HOME/Private.

Private.sig contains "signatures" or "hashes" of your encryption keys. These are used as "handles" to identify the keys in use. It provides a safe, secure mechanism for eCryptfs to determine if you're using the correct key or not.

Both of these are absolutely required and eCryptfs will NOT function properly with out them!!!

Full disclosure: I'm one of the authors and maintainers of eCryptfs.

Related Question