Re: making encrypted $HOME as easy and convenient as possible

To: debian-devel@lists.debian.org
Subject: Re: making encrypted $HOME as easy and convenient as possible
From: Rolf Kutz <rk@vzsze.de>
Date: Mon, 12 Sep 2011 10:32:06 +0200
Message-id: <[🔎] 20110912083206.GC19003@vzsze.de>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20110912081255.GA10302@albatross.gern.madduck.net>
References: <[🔎] 20110911132337.GA5608@pris> <[🔎] 85wrdeq026.fsf@boum.org> <[🔎] 20110912045029.GA26872@albatross.gern.madduck.net> <[🔎] 20110912074111.GB19003@vzsze.de> <[🔎] 20110912081255.GA10302@albatross.gern.madduck.net>

On 12/09/11 10:12 +0200, martin f krafft wrote:
[ecryptfs as /home]

True. At the same time, it exposes quite a lot of information, e.g.
structure of the tree. I don't know how much of that could be used
in a plain-text attack.


Ack.

Note, however, that I don't really know ecryptfs. I only briefly
looked at encfs and was horrified by some of its design choices.
Maybe ecryptfs is better. Meanwhile, however, I chose to stay with
dm-crypt, which simply seems saner.


I use ecryptfs when storing files on a 3rd party
server, like dropbox and full disk encryption with
luks and dm-crypt for my laptop and workstation.
They are there for different use cases.

regards
Rolf

--
Cowardice asks the question, 'Is it safe?' Expediency asks the question, 'Is it
politic?' Vanity asks the question, 'Is it popular?' But, conscience asks the
question, 'Is it right?' And there comes a time when one must take a position
that is neither safe, nor politic, nor popular but one must take it because
one's conscience tells one that it is right. — Martin Luther King, Jr.

Reply to:

References:
- making encrypted $HOME as easy and convenient as possible
  - From: Jon Dowland <jmtd@debian.org>
- Re: making encrypted $HOME as easy and convenient as possible
  - From: intrigeri <intrigeri+debian-devel@boum.org>
- Re: making encrypted $HOME as easy and convenient as possible
  - From: martin f krafft <madduck@debian.org>
- Re: making encrypted $HOME as easy and convenient as possible
  - From: Rolf Kutz <rk@vzsze.de>
- Re: making encrypted $HOME as easy and convenient as possible
  - From: martin f krafft <madduck@debian.org>

Prev by Date: Re: making encrypted $HOME as easy and convenient as possible
Next by Date: Re: making encrypted $HOME as easy and convenient as possible
Previous by thread: Re: making encrypted $HOME as easy and convenient as possible
Next by thread: Re: making encrypted $HOME as easy and convenient as possible
Index(es):
- Date
- Thread