Hummm, good question. I think backwards. ecryptfs basicly does a per file encryption. So you'll have a normal filesystem which holds encrypted files. The downside is bad performance as it uses FUSE, it potentiolly discloses the structure of the filesystem (while filenames are scrambled the tree structure is visible). It is easier to backup as you can easily backup the encrypted files and do not need to dump the whole block device. (The price for this is disclosing the fs structure) Regards -Sven On Tue, December 30, 2014 19:18, msalists@xxxxxxx wrote: > They are reluctant to give out any details, but are saying that they > will be releasing a new version of their software in the coming weeks > that uses ecryptfs instead. > Is this a step forward or backward (or rather just "sideways")? > > Mark > > On 2014-12-30 02:04, Arno Wagner wrote: >> On Tue, Dec 30, 2014 at 03:32:58 CET, msalists@xxxxxxx wrote: >>> On 2014-12-29 11:29, Quentin Lefebvre wrote: >>>> On 29/12/2014 20:06, msalists@xxxxxxx wrote : >>>>> Assuming I did create the container with aes-cbc-essiv:sha256; would >>>>> cryptsetup automatically figure out the correct parameters when it is >>>>> subsequently called without those parameters to mount the container? >>>>> Or do non-default parameters at creation time require the same >>>>> non-default parameters again for subsequent mounts? >>>> As you may have understood, in plain mode, there is no header, so >>>> no way for cryptsetup to guess the algorithm used. Thus, if it is >>>> a non-default one, it must be specified also at mount time. >>>> >>> Hm, makes sense. Is there some kind of a config file that I could >>> specify the parameters in, and that would be read prior to using the >>> defaults - similar to how some parameters for mount can be specified >>> in /etc/fstab ? >> Only if the NAS-makers added one. cryptsetup does not have >> a mechanism for this. >> >> Arno > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
