On Sat, Nov 1, 2008 at 2:50 AM, Struan Bartlett
<struan.bartlett@xxxxxxxxxxxxx> wrote:
>
> though: encrypting individual files for storage to Amazon S3. I realise Amazon S3 naturally encrypts all
I'd use either encfs or ecryptfs. The stackable file systems are
almost precisely what you want in situations like this. ("Almost",
because it's at the level of some directory: meaning you can't easily
have a mix of plain and crypted files in the same directory).
I'd recommend encfs. ecryptfs is still a little immature (my
definition of immature is Mandriva hasn't brought it into their main
repos yet ;-)
Jokes apart, encfs is a bit older so more stable; I've been using it
for 2-3 years now, no problems. Change passwords works fine. You
only need one ".encfs6.xml" file which contains the eqvt of the Luks
header; this applies to the entire directory being encrypted. As long
as you have that file, any of the actual files can be decrypted, and
they're all independent of each other -- only that XML file is
important.
I don't know much about S3 but if you can rsync to it, it would be a
terrific way to backup stuff: just backup the underlying crypted
directory instead of the mounted "plain" directory.
If you need more info about either this or ecryptfs let me know. Of
course I admit I haven't used ecryptfs in production -- the fact that
the file names are still plain was not sufficient for me...
Regards,
Sitaram
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
