Home / ubuntu / Questions / 106619
Accepted
Germar
Asked: 2012-02-23 10:17:02 +0800 CST

encfs home directory: ssh access dismount after a while

  • 772

I've setup an encrypted homedir according to this EncryptedHomeDirectoryHowto.

To gain ssh access I've added auth required pam_encfs.so to /etc/pam.d/sshd

$ cat /etc/pam.d/sshd | egrep -v ^#
auth       required     pam_env.so # [1]
auth       required     pam_env.so envfile=/etc/default/locale
auth       required     pam_encfs.so
@include   common-auth
account    required     pam_nologin.so
@include   common-account
@include   common-session
session    optional     pam_motd.so # [1]
session    optional     pam_mail.so standard noenv # [1]
session    required     pam_limits.so

It does work for a short time after login but after 5-10min the homedir will be unmounted. If I'm logged in locally everything is working fine. Even ssh from an other machine.

It seems like unmount is done everytime cron is starting:

/var/log/auth

Feb 22 19:01:01 xxxxx sshd[12746]: Accepted password for USER from xxx.xxx.xxx.xxx port 39769 ssh2
Feb 22 19:01:01 xxxxx sshd[12746]: pam_unix(sshd:session): session opened for user USER by (uid=0)
Feb 22 19:05:01 xxxxx CRON[13248]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb 22 19:05:01 xxxxx CRON[13248]: pam_unix(cron:session): session closed for user root
encryption home-directory ssh encfs

1 Answers

  1. Best Answer

    Check the parameters in /etc/security/pam_encfs.conf. On my system, I see the line

    encfs_default --idle=1

    which triggers an unmount after the filesystem has been idle for 1 minute with no file open. Set the idle parameter to 0 to disable the automatic unmounting. You may set it in a mount-point-specific line instead of the default if you prefer.

    • 3