Re: secure a directory



Ertugrul Soeylemez <never@xxxxxxxxxxxxxx> writes:

There are several choices. Slawomir Kawala has already mentioned the
dmcrypt approach, with which you can encrypt an entire partition
(e.g. your /home partition). This is the most secure approach, and has
the additional benefit that _all_ your data gets encrypted. You need to
give the encryption passphrase/key when mounting /home. I do this at
boot time.

What is the situation once /home is mounted? It appears like any
other /home or what. How does data read or written work as compared
to any other time?

For encrypting single files, you may be interested in OpenSSL (which is
preinstalled in Gentoo systems). It comes with a command-line utility,

Thanks for the SSL tips and command too. I'm guessing a user could
tar a directory and encrypt that file. It would mean an additional
untarring but with a small directory that would be nearly
instantaneos.
.



Relevant Pages

  • Re: Encrypting Linux partitions
    ... On a new Linux install of SuSE 10.0 x86_64 machine, ... partition as I intend to mkswap a file in the root partition. ... When I try to encrypt the root partition, ... The only things which need to be unencrypted are the boot loader, ...
    (comp.os.linux.misc)
  • Re: LVM+RAID+CRYPT
    ... Never run encryption on swap. ... MUST encrypt swap in order for your system to be secure; ... Each disk has an boot ... partition, a swap partition, and a big remaining partition. ...
    (Debian-User)
  • Re: LVM+RAID+CRYPT
    ... I have a few laptops which I encrypt for work ... Create one partition on the RAID ... format md1 as an LVM physical volume + plumb it into ...
    (Debian-User)
  • Re: start existing process in memory
    ... TrueCrypt, from memory again. ... I use it to encrypt data on my USB ... TrueCrypt.exe reside on the open partition so it is possible for ... If that is not the case, I would have the second script find the executable by looking wherever it might be located (as someone already suggested. ...
    (microsoft.public.win2000.cmdprompt.admin)
  • Re: OS and file system encryption
    ... dmcrypt, which allows you to encrypt everything, even your root and swap ... and an external usb drive); the only unencrypted partition is a ... installation of the system. ... the encrypted devices and copied the root filesystem over, ...
    (Debian-User)