> On 04/11/2018 03:42 PM, Eric Biggers wrote:
> > Native encryption is more efficient, among other advantages. Many users, e.g.
> > Android and Chrome OS, have migrated to ext4 encryption, which is the same as
> > "fscrypt" ("fscrypt" refers to the API which is shared by ext4, f2fs, and ubifs
> > encryption, and also to the userspace tool https://github.com/google/fscrypt).
Yes, I've seen those and I'm excited about that and can't wait for them to
be adopted in major distributions.
> > Note that there *is* a PAM module pam_fscrypt which will "unlock" and "lock"
> > fscrypt-encrypted directories when you log in and out. It does work (after I
> > fixed a couple bugs :-), modulo a systemd bug that also affects pam_ecryptfs,
> > and I'm using it to encrypt my home directory on an Arch Linux machine. It's
Yes, I've seen the pam_fscrypt and I'm glad to hear that it works, I was
just mentioning that:
> > just not very widely used or integrated into any major distros yet, even though
...so my email was just meant as some kind of public head-scratching about
what _do_ people use to encrypt their home directories, something I
thought is offered by every major distribution now. Apparently we're not
quite there yet, but I'm happy to see there is progress.
> > Of course, you're also welcome to step up and help maintain eCryptfs or improve
> > pam_fscrypt or its documentation -- no need to wait for someone else to do it.
Yes, I hear you..."patches welcome" :-) See above, I was not complaining
or anything, really just wondering and I appreciate your response.
Thanks for your work,
Christian.
--
BOFH excuse #300:
Digital Manipulator exceeding velocity parameters
--
To unsubscribe from this list: send the line "unsubscribe ecryptfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
