Re: Isn't it time for the encrypted file system???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> > 
> > Is there any chance that we can come up with something that doesn't 
> > require something that's block-level and requires repartitioning?  The 
> > migration path pretty much sucks if we don't try for something else.
> 
> I think Jeremy's point about using block level encryption on real disks
> for anything but removable / hotplugable devices makes sense. I also
> don't think we want to encrypt the entire home directory, that would
> suck for e.g. compiles of software

I'm somewhat surprised nobody has mentioned encfs yet.
http://arg0.net/wiki/encfs

I store many things in encfs filesystems as it's rather transparent and
very easy to setup and use.  I imagine with very little effort support
could be built into nautilus.

It's already in extras as fuse-encfs.

The basics are that I have one directory named ~/.encfs, which has all the
encrypted bits.  I then "mount" the .encfs directory into ~/encfs, where I
can see things as normal files (these are arbitrary names chosen by me, any
name can be used).  Here's a directory listing of ~/.encfs:

% ls ~/.encfs
1k2A8hy,ELen4,JmfcH-51JG  R8Xs0R097CPJJoc1bG2ZzXqX y6bOnGgyYiXmKAPav7giQaS,
hxc7gEQKqRa,G1            TMej1GDE,weeNiUM0XYeC6Wv

Everything in that directory is utter nonsense, but the magic part is, I
can rsync my encrypted directory without ill effect.  This lets me backup
my encrypted information without needing the key (something lacking from
many encrypted filesystems.

-- 
    JB


[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux