1 |
On 05/21 08:41, Ian Zimmerman wrote: |
2 |
> On 2017-05-21 09:51, Neil Bothwick wrote: |
3 |
> |
4 |
> > Why are you using encfs with the associated FUSE baggage when ecryptfs |
5 |
> > is in the kernel and performs the same function? |
6 |
> |
7 |
> Is ecryptfs behind the scenes when I run /sbin/cryptsetup ? |
8 |
> |
9 |
> I remember a few years back, still on debian, I resolved to replace my |
10 |
> encfs usage with something more "modern" (phew) just to avoid getting |
11 |
> left in the cold with no support, as may be happening to Meino. The |
12 |
> first such modern thing that came to mind was what ubuntu (and maybe |
13 |
> debian) used to mount encrypted filesystems on boot, and I think that |
14 |
> was called ecryptfs, but that was so very complex and opaque that I |
15 |
> didn't get far. After a while I found my current way usign cryptsetup. |
16 |
> |
17 |
> But the ubuntu stuff may have been just wrapping and packaging, hence |
18 |
> my question. |
19 |
> |
20 |
> -- |
21 |
> Please *no* private Cc: on mailing lists and newsgroups |
22 |
> Personal signed mail: please _encrypt_ and sign |
23 |
> Don't clear-text sign: |
24 |
> http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html |
25 |
> |
26 |
|
27 |
Hi Ian, |
28 |
|
29 |
cryptsetup seems to be of another flavor than encfs, since its depends |
30 |
on gpg (see below), which encfs does not use as far as I know. |
31 |
I think encfs uses symmetric ciphers and cryptsetup uses a pub/private |
32 |
key pair. But I am by no means a cryptologist (I even cant spell this |
33 |
correctly...or...? ;) |
34 |
|
35 |
>ldd /sbin/cryptsetup |
36 |
linux-vdso.so.1 (0x00007ffd15560000) |
37 |
libcryptsetup.so.4 => /usr/lib64/libcryptsetup.so.4 (0x00007fba2aa06000) |
38 |
libpopt.so.0 => /usr/lib64/libpopt.so.0 (0x00007fba2a7f9000) |
39 |
libc.so.6 => /lib64/libc.so.6 (0x00007fba2a463000) |
40 |
libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fba2a25e000) |
41 |
libdevmapper.so.1.02 => /lib64/libdevmapper.so.1.02 (0x00007fba2a004000) |
42 |
libgcrypt.so.20 => /usr/lib64/libgcrypt.so.20 (0x00007fba29cf1000) |
43 |
libgpg-error.so.0 => /usr/lib64/libgpg-error.so.0 (0x00007fba29adb000) |
44 |
/lib64/ld-linux-x86-64.so.2 (0x00007fba2ac2f000) |
45 |
librt.so.1 => /lib64/librt.so.1 (0x00007fba298d3000) |
46 |
libudev.so.1 => /lib64/libudev.so.1 (0x00007fba296ad000) |
47 |
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fba29491000) |
48 |
libm.so.6 => /lib64/libm.so.6 (0x00007fba2918d000) |
49 |
|
50 |
--- |
51 |
|
52 |
The encfs, which segfaults, was of version 1.9.1. |
53 |
In parallel I searched the internet on "seqfault encfs" |
54 |
and found quite a few people experience similiar problems. |
55 |
Due to that reports I downgraded to version 1.7.5 and no |
56 |
problems so far. |
57 |
|
58 |
Smells like openssl: It's secure...but... |
59 |
|
60 |
Time will tell, whether 1.7.5. is more stable than the |
61 |
newer versions. |
62 |
|
63 |
Cheers |
64 |
Meino |