Normally if someone wants to automount a network share on their local computer at boot they must store a plain text password on their computer but not anymore
. Here's a simple guide for mounting a network share at login
without storing a plain text password on your computer, however it does require that you store your password on your hard drive but in an encrypted file. if your local username and password are the same as the network share you want to mount read this
guide
You need samba and pam_mount to get those run these commands
Code:
yum groupinstall "Windows File Server"
yum install pam_mount
you'll probably have the windows file server package so if that does nothing don't worry
Edit your /etc/pam.d/login, /etc/pam.d/gdm, /etc/pam.d/kde, /etc/pam.d/xdm files and add these lines
Code:
auth optional pam_mount.so use_first_pass
session optional pam_mount.so
Create the encrypted file containing your password.
first create a file in your home dir call it pass and type your password for the share in it. don't worry we'll delete it later. then run this command
Code:
openssl aes-256-ecb -salt -in pass -out user.key
when asked for a password use your local login password or else this won't work. delete the pass file. Then move the key file to /home/.user.key
Edit /etc/security/pam_mount.conf. Scroll down to line 28 where you see
Code:
# luserconf .pam_mount.conf
remove the # in front. Scroll down to line 60 where you see this line
Code:
options_require nosuid, nodev
comment it by adding a # in front. Also at line 41 where you see
Code:
options_allow nosuid,nodev,loop,encryption
comment that line with a # and uncomment line 43 where it says
by removing the #
Create the file .pam_mount.conf in your home folder and add a line similar to this
Code:
volume networkaccountname smb server share /mountpoint uid=yourlocalaccount,gid=yourlocalaccount aes-256-ecb /home/.user.key
placing the appropriate values for networkaccountname, server, share, /mountpoint, and yourlocalaccount. If you are mounting a share that's nfs or something change the smb to whatever it should be. Be sure to create the mountpoint
Give it a try in a tty(ctrl alt f1). If it doesn't work scroll up and look for any sort of error message but if it works, edit /etc/security/pam_mount.conf and at line 7 change
to
and say goodbye to that insecure credentials file or plain text password
in case you're wondering you don't have to edit /etc/fstab at all
Linear Mode
