On Wed, Aug 16, 2017 at 09:48:23AM +0200, Bastien Durel wrote: > Le lundi 14 août 2017 à 17:35 +0200, Nicolas George a écrit : > > Le septidi 27 thermidor, an CCXXV, Bastien Durel a écrit : > > > You don't. pam_mount will ask you for your password (after ssh > > > authentication) if you didn't provided one > > > > Thanks for the clarification. If you are right, then you probably > > should > > file a bug report for outdated documentation. > > > > But still, "UsePrivilegeSeparation no" is a deal breaker on its own. > > > > Regards, > > > In my setup (openssh 7.5), there is no UsePrivilegeSeparation setting, > it's on by default. And pam_mount is able to mount my encrypted > partitions when I log via SSH.
If you need Goliath-OS compatible volumes, a year or so ago I managed to script Veracrypt for a friend's "home" folder (forgotten what that's even called on Windows sorry), and so they feel safe to be able to 'upgrade' to any real operating system in the future.
