| 1 |
On 05/21 08:41, Ian Zimmerman wrote: |
| 2 |
> On 2017-05-21 09:51, Neil Bothwick wrote: |
| 3 |
> |
| 4 |
> > Why are you using encfs with the associated FUSE baggage when ecryptfs |
| 5 |
> > is in the kernel and performs the same function? |
| 6 |
> |
| 7 |
> Is ecryptfs behind the scenes when I run /sbin/cryptsetup ? |
| 8 |
> |
| 9 |
> I remember a few years back, still on debian, I resolved to replace my |
| 10 |
> encfs usage with something more "modern" (phew) just to avoid getting |
| 11 |
> left in the cold with no support, as may be happening to Meino. The |
| 12 |
> first such modern thing that came to mind was what ubuntu (and maybe |
| 13 |
> debian) used to mount encrypted filesystems on boot, and I think that |
| 14 |
> was called ecryptfs, but that was so very complex and opaque that I |
| 15 |
> didn't get far. After a while I found my current way usign cryptsetup. |
| 16 |
> |
| 17 |
> But the ubuntu stuff may have been just wrapping and packaging, hence |
| 18 |
> my question. |
| 19 |
> |
| 20 |
> -- |
| 21 |
> Please *no* private Cc: on mailing lists and newsgroups |
| 22 |
> Personal signed mail: please _encrypt_ and sign |
| 23 |
> Don't clear-text sign: |
| 24 |
> http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html |
| 25 |
> |
| 26 |
|
| 27 |
Hi Ian, |
| 28 |
|
| 29 |
cryptsetup seems to be of another flavor than encfs, since its depends |
| 30 |
on gpg (see below), which encfs does not use as far as I know. |
| 31 |
I think encfs uses symmetric ciphers and cryptsetup uses a pub/private |
| 32 |
key pair. But I am by no means a cryptologist (I even cant spell this |
| 33 |
correctly...or...? ;) |
| 34 |
|
| 35 |
>ldd /sbin/cryptsetup |
| 36 |
linux-vdso.so.1 (0x00007ffd15560000) |
| 37 |
libcryptsetup.so.4 => /usr/lib64/libcryptsetup.so.4 (0x00007fba2aa06000) |
| 38 |
libpopt.so.0 => /usr/lib64/libpopt.so.0 (0x00007fba2a7f9000) |
| 39 |
libc.so.6 => /lib64/libc.so.6 (0x00007fba2a463000) |
| 40 |
libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fba2a25e000) |
| 41 |
libdevmapper.so.1.02 => /lib64/libdevmapper.so.1.02 (0x00007fba2a004000) |
| 42 |
libgcrypt.so.20 => /usr/lib64/libgcrypt.so.20 (0x00007fba29cf1000) |
| 43 |
libgpg-error.so.0 => /usr/lib64/libgpg-error.so.0 (0x00007fba29adb000) |
| 44 |
/lib64/ld-linux-x86-64.so.2 (0x00007fba2ac2f000) |
| 45 |
librt.so.1 => /lib64/librt.so.1 (0x00007fba298d3000) |
| 46 |
libudev.so.1 => /lib64/libudev.so.1 (0x00007fba296ad000) |
| 47 |
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fba29491000) |
| 48 |
libm.so.6 => /lib64/libm.so.6 (0x00007fba2918d000) |
| 49 |
|
| 50 |
--- |
| 51 |
|
| 52 |
The encfs, which segfaults, was of version 1.9.1. |
| 53 |
In parallel I searched the internet on "seqfault encfs" |
| 54 |
and found quite a few people experience similiar problems. |
| 55 |
Due to that reports I downgraded to version 1.7.5 and no |
| 56 |
problems so far. |
| 57 |
|
| 58 |
Smells like openssl: It's secure...but... |
| 59 |
|
| 60 |
Time will tell, whether 1.7.5. is more stable than the |
| 61 |
newer versions. |
| 62 |
|
| 63 |
Cheers |
| 64 |
Meino |
Archives