16

Running 12.04. I am trying to separate my wrapped-passphrase for my encrypted home folder to require a USB drive be present to login.

I followed the instructions here and added the drive to my fstab, put the wrapped-passphrase file on the drive, and then created a symbolic link back to ~/.ecryptfs. The drive mounts fine but the symbolic link doesn't seem to be connecting the two as when I login it flashes a purple screen for a fraction of a second than takes me back to the login screen. What am I doing wrong?

Jorge Castro
  • 70,934
  • 124
  • 466
  • 653
Joseph28
  • 171
  • 3
  • 1
    Could you run `ls -l /home/youruser/.ecryptfs` – David Dec 27 '12 at 21:45
  • In addition to the above, please also do `tail /var/log/syslog` immediately after such a failed login attempt and post the output. This will contain any ecryptfs errors. – tgies Dec 29 '12 at 14:57

2 Answers2

1

This thread details how to use a USB stick as your boot device, though for different reasons. I like the fact that without the stick the machine appears to have no OS on it.

BuZZ-dEE
  • 13,993
  • 18
  • 63
  • 80
user89599
  • 365
  • 3
  • 6
  • 3
    Whilst this may theoretically answer the question, [it would be preferable](http://meta.stackexchange.com/q/8259) to include the essential parts of the answer here, and provide the link for reference. – Eliah Kagan Jan 31 '13 at 14:43
-1

Have you considered this: "How to Secure SSH with Google Authenticator’s Two-Factor Authentication"?

Its not a USB it is an app on our phone that generates a code.

BuZZ-dEE
  • 13,993
  • 18
  • 63
  • 80
wlraider70
  • 1,663
  • 13
  • 26
  • 1
    I dont think he is talking about google authentication – Sreevisakh Mar 24 '13 at 17:26
  • 1
    I get that hes not talking about Google auth. (I read the post) I mentioned it because it is a two factor system, and it seems that the purpose of OP's link was to secure the hard drive with 2 factor. The google auth system is a "something you have" this it is somewhat relevant. i would have left that link as a comment, but I lacked the rep at the time. – wlraider70 Mar 24 '13 at 18:52