summaryrefslogtreecommitdiff
path: root/Auto-mount-using-Gnome-keyring.md
blob: 2a5c376f2376010d175fca617d73f8a72939d759 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
To automatically mount an encrypted folder at user login, the gnome keyring service can be used on many Linux distributions (tested on Solus Linux).

First step is to store the password in the keyring. The label assigned is only used to easily identify the different passwords stored in the keyring. One or more attribute/value pairs can be stored with the password and are used later for the lookup. Below example suggests to use the path of the encrypted folder for the lookup and call the attribute "cipher".

```
secret-tool store --label="MyLabel" cipher /path/to/encyrpted/folder
```

Now the stored password can be used by gocryptfs with the `--extpass` option

```
gocryptfs --extpass="secret-tool lookup cipher /path/to/encyrpted/folder" /path/to/encyrpted/folder /path/to/plain/folder
```

This command can be directly added to the auto-start commands to mount the encrypted folder at user login since the user keyring is usually automatically unlocked at user login.

**Note:** Avoid to use any space characters in the attribute or value strings. This will cause issues with gocryptfs `--extpass`option.