what's the optimal approach to encrypted filesystems?
Felipe Alfaro Solana
felipe_alfaro at linuxmail.org
Tue Jan 27 13:26:19 UTC 2004
On Tue, 2004-01-27 at 11:22, Robert P. J. Day wrote:
> what is the preferred approach to supporting encrypted filesystems
> under fedora? the cryptoloop HOWTO at www.tldp.org,
> http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/index.html
> seems to suggest that the 2.6 kernel is necessary, and also seems
> to require newer userspace tools.
>
> the HOWTO also refers to loop-AES as being more mature, but
> requiring kernel patches, as an alternative to cryptoloop.
>
> so what's the recommended approach? and can anyone comment
> on the long-term direction of encrypted filesystems? is there some
> approach that is expected to become the standard?
I'm more inclined towards cryptoloop as it uses current kernel
infrastructure for crypto algorigthms which are also used by NFSv4.
Maybe it's not as mature as Loop-AES, but I think kernel crypto will
allow for more features in the end, like key management support, GSSAPI
integration, etc.
More information about the fedora-list
mailing list