Isn't it time for the encrypted file system???
Stephen J. Smoogen
smooge at gmail.com
Tue Mar 28 00:57:46 UTC 2006
On 3/25/06, Josh Bressers <bressers at redhat.com> wrote:
> > >
> > > Is there any chance that we can come up with something that doesn't
> > > require something that's block-level and requires repartitioning? The
> > > migration path pretty much sucks if we don't try for something else.
> >
> > I think Jeremy's point about using block level encryption on real disks
> > for anything but removable / hotplugable devices makes sense. I also
> > don't think we want to encrypt the entire home directory, that would
> > suck for e.g. compiles of software
>
> I'm somewhat surprised nobody has mentioned encfs yet.
> http://arg0.net/wiki/encfs
>
> I store many things in encfs filesystems as it's rather transparent and
> very easy to setup and use. I imagine with very little effort support
> could be built into nautilus.
>
> It's already in extras as fuse-encfs.
>
> The basics are that I have one directory named ~/.encfs, which has all the
> encrypted bits. I then "mount" the .encfs directory into ~/encfs, where I
> can see things as normal files (these are arbitrary names chosen by me, any
> name can be used). Here's a directory listing of ~/.encfs:
>
So what is needed extra is a nautilus-fuse-encfs that puts a nice
little safe/vault on your desktop... and some sort of routines to make
sure that various desktop programs know to save their temporary data
to the encfs.. what to do about swap and mis-behaving programs I do
not know.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the Fedora-maintainers
mailing list