Re: making encrypted $HOME as easy and convenient as possible
On 12/09/11 10:12 +0200, martin f krafft wrote:
[ecryptfs as /home]
True. At the same time, it exposes quite a lot of information, e.g.
structure of the tree. I don't know how much of that could be used
in a plain-text attack.
Note, however, that I don't really know ecryptfs. I only briefly
looked at encfs and was horrified by some of its design choices.
Maybe ecryptfs is better. Meanwhile, however, I chose to stay with
dm-crypt, which simply seems saner.
I use ecryptfs when storing files on a 3rd party
server, like dropbox and full disk encryption with
luks and dm-crypt for my laptop and workstation.
They are there for different use cases.
Cowardice asks the question, 'Is it safe?' Expediency asks the question, 'Is it
politic?' Vanity asks the question, 'Is it popular?' But, conscience asks the
question, 'Is it right?' And there comes a time when one must take a position
that is neither safe, nor politic, nor popular but one must take it because
one's conscience tells one that it is right. — Martin Luther King, Jr.