Install libpam-encfs.
Edit /etc/security/pam_encfs.conf
:
Recommended: comment out the line
encfs_default --idle=1
This flag will unmount your encrypted folder after 1 minute of inactivity. If you are automounting this on login, you probably would like to keep this mounted for as long as you are logged in.
At the bottom, comment any existing demo entries and add:
#USERNAME SOURCE TARGET PATH ENCFS Options FUSE Options foo /home/foo/EncryptedFolder /home/foo/DecryptedFolder -v allow_other
Make sure to initialize EncryptedFolder with the same user password.
Also, if you see the following line, remove allow_root
from the options. Otherwise, it will be in conflict with allow_other
defined above.
fuse_default allow_root,nonempty
Next, edit /etc/fuse.conf
:
Uncomment:
user_allow_other
To test your config, open a new virtual terminal (e.g. Ctrl+Alt+F4
) and login. You should see pam successfuly mount your EncFS folder.
Should be enough.
See more at https://wiki.archlinux.org/index.php/EncFS#Mount_at_login_using_pam_encfs