Just figured it out for me. Only authorized_keys must be outside the encrypted directory, for sshd will use it before any user log.
Your actual keys and known_hosts can be inside the encrypted dir, only with symbolic links to a .ssh directory that is not encrypted.
Just figured it out for me. Only authorized_keys must be outside the encrypted directory, for sshd will use it before any user log.
Your actual keys and known_hosts can be inside the encrypted dir, only with symbolic links to a .ssh directory that is not encrypted.