Security of keyctl

Posted by ftiaronsem on Ask Ubuntu See other posts from Ask Ubuntu or by ftiaronsem
Published on 2011-02-18T09:25:45Z Indexed on 2011/02/18 15:34 UTC
Read the original article Hit count: 453

Filed under:

security

|

ecryptfs

Hello alltogether

Today I set up an ecryptfs directory, which is automatically mounted at login via pam. To do so i followed the guide in the ecryptfs readme

ecryptfs-readme

To sum up, I now have a key stored in the usser session keyring. The first thing I do not understand is why this key is only showing up via keyctl show and not with the gnome-gui "Passwords and encryption keys".

The second thing I am curious about is the security. I assume that my passphrase is somehow stored on the harddisk. But how exactly and how secure is this?

Thanks in advance

© Ask Ubuntu or respective owner

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Related posts about ecryptfs

How does ecryptfs impact harddisk performance?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have my home directy encrypted with ecryptfs. Does ecryptfs lead to fragmentation? I have the feeling that reading files, displaying folders and login became continuously slower and slower (although it was not noticeably slow at the beginning). The hard disk makes a lot of seek noise even if I… >>> More
Can find any /.ecryptfs dir to retrieve my encrypted home dir

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
At firs sorry for my english, it isn't my native languaje. I've readed some questions similar but no the exactly whith the same problem. I've moved my home directory to a separated partitión (Ubuntu 11.10) following this tutorial http://www.ubuntu-es.org/node/58233 After checking that they were all… >>> More
Ubuntu, Gnome, PAM and ecryptfs

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I would like to have a directory accessible to a couple of users, and not readable by maintenance types ... I can do what I want using ecryptfs and a password known only to the "couple of users" in question, who then can mount the directory and use as they see fit. I would love to be able to automate… >>> More
does eCryptfs support multiple users?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I'm new to ecryptfs and I need some clarification on how it works. Suppose there are two root users userA and userB, If I mount some folder under userA: [userA@Dev] $ mount ecryptfs real img now I can visit the img folder to access decrypted data. My questions is: While userA is still in log in… >>> More
how to automatically mount ~/Private using ecryptfs when logging in via ssh pubkey

as seen on Server Fault - Search for 'Server Fault'
Raionale: I want to be able to automatically make backups to a remote machine, which will be encrypted with ecryptfs. The title says it all: I set up ecryptfs-utils on my Debian Squeeze box, and set up one user to use it via ecryptfs-setup-private. When I log in via SSH using password authentication… >>> More