Gregory Nowak <speakup at braille.uwo.ca> wrote: > >Thanks to Joe, Alex, and Luke for your input. It's pretty much as I >had figured things to be. I haven't heard of ecryptfs before though, >will have to look that up. One advantage (if your entire system doesn't have to be encrypted) is that it stores the files under directories in whatever file system you are already using - it doesn't require its own file system, partition or logical volume, if I recall rightly. Encryption of the file names as well as the contents was introduced several kernel releases ago. nother option for those requiring full system encryption might be to try to get it working with a Yubikey or similar device. A Yubikey can be configured to generate a fixed password, but that isn't the standard or recommended mode of operation. Rather, it normally generates a one-time encrypted password that can be verified locally or remotely and integrated into PAM.
