Re: Editing and storing encrypted files

To: Wouter Hanegraaff <wouter@blub.net>, debian-user@lists.debian.org, debian-security@lists.debian.org
Subject: Re: Editing and storing encrypted files
From: Bradley M Alexander <storm@tux.org>
Date: Wed, 6 Sep 2000 18:17:50 -0400
Message-id: <[🔎] 20000906181750.D542@sonsofthunder.yi.org>
In-reply-to: <[🔎] 20000906222244.A6364@duckman.blub.net>; from wouter@blub.net on Wed, Sep 06, 2000 at 10:22:44PM +0200
References: <[🔎] 20000906222244.A6364@duckman.blub.net>

On Wed, Sep 06, 2000 at 10:22:44PM +0200, Wouter Hanegraaff wrote:
> Hi,
> 
> I have some files that I would like to store encrypted. Of course I can
> just type them in, encrypt them using gpg and delete the original, but
> that seems to be a bit of a kludge. It would mean the file is at some
> time readable unencrypted (after saving in the editor), and forgetting
> to turn off the backup file option in the editor when changing the file.

Correct.

> There must be better solutions, but I can't seem to find them. What I
> would like to have is an editor that has built-in encryption or gpg
> integration, and the option not to store any non-encrypted data on disk
> or on the clipboard.
> 
> Is something like this available?

Have you considered using an encrypted filesystem? The advantage to this is
that the blocks are encrypted on the filesystem then decrypted on the fly.
>From the TCFS FAQ:

"TCFS is a Transparent Cryptographic File System that is a suitable solution
to the problem of privacy for distributed file system. By a deeper integration
between the encryption service and the file system, it results in a complete 
transparency of use to the user applications. Files are stored in encrypted 
form and are decrypted before they are read.  The encryption/decryption 
process takes place on the client machine and thus the encryption/decryption 
key never travels on the network." 

Since the encryption/decryption is done on the fly for the person holding
the key for the encrypted mount, privacy would be enhanced. Basically TCFS
and similar encrypted filesystems are NFS-like, so as long as the directory
from which you are editing the file within should be encrypted.

The downside to this is that drive access will be considerably slower.

-- 
--Brad
============================================================================
Bradley M. Alexander, CISSP              |   Co-Chairman,
Beowulf System Admin/Security Specialist |    NoVALUG/DCLUG Security SIG
Winstar Telecom                          |   balexander@winstar.com
(703) 889-1049                           |   storm@tux.org
============================================================================
I have a firm grasp on reality. Now I can strangle it.

Reply to:

References:
- Editing and storing encrypted files
  - From: Wouter Hanegraaff <wouter@blub.net>

Prev by Date: Re: Editing and storing encrypted files
Next by Date: Re: Editing and storing encrypted files
Previous by thread: Re: Editing and storing encrypted files
Next by thread: Re: Editing and storing encrypted files
Index(es):
- Date
- Thread