| 1 |
On Mon, Jun 2, 2014 at 5:20 PM, Neil Bothwick <neil@××××××××××.uk> wrote: |
| 2 |
> On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: |
| 3 |
> |
| 4 |
>> > I'm considering encrypting my home partition one of these days. Given |
| 5 |
>> > the things that have come out in recent months, back doors and such, |
| 6 |
>> > what is a good program/software/tool to use that is well . . . |
| 7 |
>> > secure? Is there such a thing now? |
| 8 |
> |
| 9 |
>> Depends on your needs, for encrypting complete devices/partitions try |
| 10 |
>> the kernels dm-crypt/luks module. If you just want to encrypt a |
| 11 |
>> directory try encfs, and for file encryption there's openssl and gpg |
| 12 |
> |
| 13 |
> Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which |
| 14 |
> needs FUSE, when ecryptfs does the same thing in kernel space? |
| 15 |
> |
| 16 |
|
| 17 |
for dual-boot systems, or simply from the point of system recovery, I |
| 18 |
find it really attractive that I can, for example, open an encfs |
| 19 |
filesystem in "the other operating system" (there's an encfs for |
| 20 |
windows). Besides, I think the fact that you're doing encryption / |
| 21 |
decryption on the fly completely overshadows the performance hit from |
| 22 |
running a userspace filesystem anyways. Also, it's extremely |
| 23 |
convenient to be able to mount / unmount the encfs on the fly without |
| 24 |
su, sudo, or messing with fstab, as, for instance, with the case of |
| 25 |
portable hard disks or usb sticks, where you don't want to |
| 26 |
automatically unencrypt the contents unless you're prompted for the |
| 27 |
password. |
| 28 |
-- |
| 29 |
This email is: [ ] actionable [x] fyi [ ] social |
| 30 |
Response needed: [ ] yes [x] up to you [ ] no |
| 31 |
Time-sensitive: [ ] immediate [ ] soon [x] none |
Archives