[Discuss] Encrypt /home and allow unattended boot?
Rich Pieri
richard.pieri at gmail.com
Fri Sep 27 11:25:40 EDT 2019
On Fri, 27 Sep 2019 10:39:43 -0400
Dan Ritter <dsr at randomstring.org> wrote:
> You can also use encfs, which is an overlay filesystem. It
> provides less metadata security -- any user can see the number
> of files, what perms they have, a lower bound on their size, and
> atime/mtime stats. On the other hand, it's a lot easier to
> experiment with.
Also: it's a FUSE module so you don't need root. It's also single
threaded and slower than the other options but that's the trade-off.
It also has a nifty reverse mode. encfs normally presents plain data
layered over encrypted files. Reverse mode presents encrypted data
layered over plain files. The example case is encrypted remote backups
where you don't want to encrypt the local files.
--
Rich Pieri
More information about the Discuss
mailing list