[Leaplist] encrypted file system

Fred Moore fred at fmeco.com
Wed Feb 21 18:00:47 EST 2007 

As many may remember about a year ago I started a discussion about encrypted 
file systems.. at the time I was using encrypted loopback devices.. and still 
do.  I encrypt some sensative files on both my hd and on my usb thumbdrive.. 
A couple of days ago I ran accross the encfs project..

The code has been in the kernel since Linux 2.4  so most distro's should be 
able to handle it.. you must load the fuser module.  encfs does not do block 
encryption, so it a file by file encryption.  If you look directly into the 
directory you have mounted you can see all of the files and their encrypted 
name...  file size etc..  currently it does not support linked files.. 

I have been playing with it, and other than a group permission problem on 
the /bin/fuser it has been working flawlessly..   I think the main feature is 
that the file system is dynamic.. meaning that it can expand and grow as 
files are deleted and added.   While loopback also worked flawlessly for me.. 
I think this to work easier.. and is more useable.   Its basics are:  

create a directory that will contain the encrypted files
	mkdir  .encdir
create a mount point in your file system.. 
	mkdir encrypted
then mount the file there..  Note that encfs required fully qualified 
directory names.. 
	encfs /home/fmoor/.encdir /home/fmoor/encrypted
it then asks for your key.. 

use the directory just as you would use any directory.. 

when you finish issue
fusermount -u /home/fmoor/encrypted

It will ask for the origional passphrase anytime you mount..  forget it and 
you are done.. 

I recommend having a look at it..  After playing for a few more days I will 
most likely change how I encrypt my usb drive.. 
 
here is a good writeup and howto.. 

http://arg0.net/users/vgough/encfs.html

.. Fred


-- 
"everyone has a right to his own opinion, but not his own facts"
Fred/WD8KNI
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.leap-cf.org/pipermail/leaplist/attachments/20070221/a766a4e8/attachment.bin

More information about the Leaplist mailing list