Encrypting and decrypting directories under Linux
Dennis Lambe Jr.
malsyned at cif.rochester.edu
Sat Dec 27 21:14:11 CET 2003
> >If you're trying to secure the entire /home tree from an intruder with
> >physical access to the machine room, your best bet (though not foolproof
> >if the computer has any physical Human Interface devices) is to use
> >Linux's crypto functionality to encrypt the entire volume /home is
> >mounted on using a symetric cypher. This will make the hard drive, if
> >removed from the machine, useless. On the other hand, it will require
> >that you type in a password to mount /home.
>
> Dennis you sugestion with crypt seems fitting my need, thanks a lot. Typing
> only password seems to be better choice for user that remembering his
> private key :D.
In that case, the best place to start is the Disk-Encryption HOWTO:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/Disk-Encryption-HOWTO
It explains how to add CryptoAPI to a 2.4 kernel and set up the mounting
of encrypted file systems. If you are using a 2.6 kernel, bear in mind
that CryptoAPI has been merged into the main kernel sources as of 2.6,
so you will most likely not need to patch a 2.6 kernel to take advantage
of the advice in that HOWTO.
Let me know how it goes, this is an interesting topic.
--D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 279 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20031227/10a61e80/attachment.bin
More information about the Gnupg-users
mailing list