1 |
On Mon, Jun 2, 2014 at 5:20 PM, Neil Bothwick <neil@××××××××××.uk> wrote: |
2 |
> On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: |
3 |
> |
4 |
>> > I'm considering encrypting my home partition one of these days. Given |
5 |
>> > the things that have come out in recent months, back doors and such, |
6 |
>> > what is a good program/software/tool to use that is well . . . |
7 |
>> > secure? Is there such a thing now? |
8 |
> |
9 |
>> Depends on your needs, for encrypting complete devices/partitions try |
10 |
>> the kernels dm-crypt/luks module. If you just want to encrypt a |
11 |
>> directory try encfs, and for file encryption there's openssl and gpg |
12 |
> |
13 |
> Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which |
14 |
> needs FUSE, when ecryptfs does the same thing in kernel space? |
15 |
> |
16 |
|
17 |
for dual-boot systems, or simply from the point of system recovery, I |
18 |
find it really attractive that I can, for example, open an encfs |
19 |
filesystem in "the other operating system" (there's an encfs for |
20 |
windows). Besides, I think the fact that you're doing encryption / |
21 |
decryption on the fly completely overshadows the performance hit from |
22 |
running a userspace filesystem anyways. Also, it's extremely |
23 |
convenient to be able to mount / unmount the encfs on the fly without |
24 |
su, sudo, or messing with fstab, as, for instance, with the case of |
25 |
portable hard disks or usb sticks, where you don't want to |
26 |
automatically unencrypt the contents unless you're prompted for the |
27 |
password. |
28 |
-- |
29 |
This email is: [ ] actionable [x] fyi [ ] social |
30 |
Response needed: [ ] yes [x] up to you [ ] no |
31 |
Time-sensitive: [ ] immediate [ ] soon [x] none |