Re: [Hampshire] OpenVPN + TrueCrypt

Author: Hugo Mills
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] OpenVPN + TrueCrypt

gpg: Signature made Fri Aug 14 10:02:19 2009 BST
gpg: using DSA key 20ACB3BE515C238D
On Fri, Aug 14, 2009 at 09:15:32AM +0100, Stephen Nelson-Smith wrote:
> My question concerned where in the filesystem the keys would appear.
> It may not always be the same - using automatic mounting, the user may
> get /media/disk1 one day and /media/disk2 another, if something else
> was mounted at disk1. I don't want users to change their config file.
> You may assume I know how to handle this manually. You may assume my
> users don't. I'd like their experience to be as simple as: 1) User
> inserts USB stick 2) User enters password 3) User fires up vpn client.


The solution to this is to use some definitive unique ID on the USB
stick to get it to mount in the same place every time. The usual way
of doing this is to ensure that the stick always has exactly the same
device node name, and that you can then map that device to e.g.
/media/vpn-keys in fstab.

You can therefore use one of:

 * /dev/disk/by-uuid/... (for the filesystem UUID)
 * /dev/disk/by-label/... (for a manually-set label on the filesystem:
      do this if you want any key to be usable in any machine, and set
      the labels the same on all USB sticks)
 * udev (see /etc/udev/rules.d/*) to create your own device node
      (e.g. /dev/vpn-keys), identifying the device by device ID, UUID
      or filesystem label.


Hugo.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
    --- Questions are a burden, and answers a prison for oneself. ---
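
The approach described in the reply above, written out as configuration. This is an added example, not part of the original message. The label VPNKEYS, the rule file name 99-vpn-keys.rules and the key file names are assumptions chosen for illustration.

```conf
# --- /etc/udev/rules.d/99-vpn-keys.rules (assumed file name) ---
# Give any block device whose filesystem label is VPNKEYS (assumed label)
# a fixed extra device node, /dev/vpn-keys. The rule must sort after the
# distribution's persistent-storage rules so that ID_FS_LABEL is already set.
SUBSYSTEM=="block", ENV{ID_FS_LABEL}=="VPNKEYS", SYMLINK+="vpn-keys"

# To tie the node to one particular stick instead of any stick carrying
# the label, match the filesystem UUID (placeholder value shown):
# SUBSYSTEM=="block", ENV{ID_FS_UUID}=="<uuid-of-the-stick>", SYMLINK+="vpn-keys"

# --- /etc/fstab ---
# Map the fixed node to a fixed mount point.
#   noauto               do not try to mount at boot, the stick may be absent
#   user                 let an unprivileged user mount it
#   ro                   the VPN client only needs to read the keys
#   nosuid,nodev,noexec  nothing on removable media is run or trusted as a device
/dev/vpn-keys  /media/vpn-keys  auto  noauto,user,ro,nosuid,nodev,noexec  0  0

# Without the udev rule, the by-label path can be used directly:
# /dev/disk/by-label/VPNKEYS  /media/vpn-keys  auto  noauto,user,ro,nosuid,nodev,noexec  0  0

# --- OpenVPN client configuration (file names are assumptions) ---
# The paths never change, so users do not have to edit this file.
ca   /media/vpn-keys/ca.crt
cert /media/vpn-keys/client.crt
key  /media/vpn-keys/client.key
```

A filesystem label is an identifier, not a credential: any stick carrying the same label will be mounted at /media/vpn-keys, so use the UUID match where only one specific device should be accepted.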