I just switched to ecryptfs and like it in conjunction with incremental backups.
But, what I have not understood is what are Private.sig and Private.mnt files used fore. Why should they be kept especially save for backup as well?
Could anyone please explain?
Private.mnt is a configuration file read by mount.ecryptfs_private at login that defines where your encrypted directory should be mounted. If you've encrypted your home directory, this will be $HOME. But some people choose to encrypt some other directory, perhaps a subset of $HOME, like $HOME/Private.
Private.sig contains "signatures" or "hashes" of your encryption keys. These are used as "handles" to identify the keys in use. It provides a safe, secure mechanism for eCryptfs to determine if you're using the correct key or not.
Both of these are absolutely required and eCryptfs will NOT function properly with out them!!!
Full disclosure: I'm one of the authors and maintainers of eCryptfs.
mount.ecryptfs_privatestates it uses ~/.ecryptfs/Private.sig but not Private.mnt -- it says it always uses$HOME/Private as the DESTINATION. Is the man page correct? – Pod Feb 01 '17 at 15:31ecryptfs-setup-privateandecryptfs-verifyuse it? – Pod Feb 01 '17 at 15:39