I have have an encrypted file that gets mounted as a volume that I can use, all done with truecrpyt.

This is great, it solves alot of my privacy issues. However, someone else also has root access to my machine (long story).

They cant ever mount my volume if its not mounted but what they can do is ssh into the box when I am logged in / they are mounted and access the data.

Is there anyway to protect against this?

I can only think of a hack to unmount my volumes in the sshrc or creating a VM and mounting + sharing with additional security (but I dont want the data in the VM which means I'll have a share that the VM will mount then reshare...)

Effectively that's more what I'm after, mounting the encypted file as a passworded samba share or somethings... Hmm might try and investigate that more.

Any suggestions?