| 1 |
On Tue, Jan 05, 2010 at 04:09:03PM -0600, Harry Putnam wrote: |
| 2 |
|
| 3 |
> For example, if I wanted a forgotten password laying in a text file |
| 4 |
> but encfs encrypted and on the remote. When for one or another reason |
| 5 |
> I cannot get it from the home machine. |
| 6 |
|
| 7 |
I hate saying something when I don't know the full circumstances, but |
| 8 |
here is how I do mine, and how I have recovered data from the backup. |
| 9 |
I mount the plaintext with this command (actual details have been |
| 10 |
changed because I do it in a shell script which does other things): |
| 11 |
|
| 12 |
encfs ~/.encrypted ~/.plaintext |
| 13 |
|
| 14 |
~/.encrypted is the encrypted dir, ~/.plaintest is what I lok at when |
| 15 |
I want to see the plaintext. I have various symlinks elsewhere which |
| 16 |
point into ~/.plaintext. |
| 17 |
|
| 18 |
When I backup this data, I only backup ~/.encrypted. In fact, since |
| 19 |
backup is done as a part of root's nightly backup, and root cannot |
| 20 |
look into ~/.plaintext, ~/.encrypted is all that can be backupped (did |
| 21 |
I just invent a new verb? :-). |
| 22 |
|
| 23 |
Now once I lost a file which I knew existed in the backup. All I had |
| 24 |
to do was |
| 25 |
|
| 26 |
1. As root, mount the backup, in this case as /mnt/backup. |
| 27 |
|
| 28 |
2. As myself, mount as usual but change the names: |
| 29 |
|
| 30 |
encfs /mnt/backup/home/felix/.encrypted ~/tmp/plaintext |
| 31 |
|
| 32 |
3. Copy the file as plaintext: |
| 33 |
|
| 34 |
cp -p ~/tmp/plaintext/path/to/file ~/.plaintext/path/to/file |
| 35 |
|
| 36 |
Of course, if you backup as yourself, the root step is easily adjusted |
| 37 |
to yourself. |
| 38 |
|
| 39 |
It's been so long since I set this up that I do not remember the |
| 40 |
details. There's a kernel module, maybe dm-crypt. You probably have |
| 41 |
to enable something in the kernel config. But once done, it's easy as |
| 42 |
pi and just as tasty, and I really like the fact that root cannot get |
| 43 |
access to the plaintext. For some reason, that just tinkles me pink. |
| 44 |
|
| 45 |
-- |
| 46 |
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. |
| 47 |
Felix Finch: scarecrow repairman & rocket surgeon / felix@×××××××.com |
| 48 |
GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 |
| 49 |
I've found a solution to Fermat's Last Theorem but I see I've run out of room o |
Archives