Re: Editing and storing encrypted files
On Wed, Sep 06, 2000 at 10:22:44PM +0200, Wouter Hanegraaff wrote:
> I have some files that I would like to store encrypted. Of course I can
> just type them in, encrypt them using gpg and delete the original, but
> that seems to be a bit of a kludge. It would mean the file is at some
> time readable unencrypted (after saving in the editor), and forgetting
> to turn off the backup file option in the editor when changing the file.
> There must be better solutions, but I can't seem to find them. What I
> would like to have is an editor that has built-in encryption or gpg
> integration, and the option not to store any non-encrypted data on disk
> or on the clipboard.
> Is something like this available?
Have you considered using an encrypted filesystem? The advantage to this is
that the blocks are encrypted on the filesystem then decrypted on the fly.
>From the TCFS FAQ:
"TCFS is a Transparent Cryptographic File System that is a suitable solution
to the problem of privacy for distributed file system. By a deeper integration
between the encryption service and the file system, it results in a complete
transparency of use to the user applications. Files are stored in encrypted
form and are decrypted before they are read. The encryption/decryption
process takes place on the client machine and thus the encryption/decryption
key never travels on the network."
Since the encryption/decryption is done on the fly for the person holding
the key for the encrypted mount, privacy would be enhanced. Basically TCFS
and similar encrypted filesystems are NFS-like, so as long as the directory
from which you are editing the file within should be encrypted.
The downside to this is that drive access will be considerably slower.
Bradley M. Alexander, CISSP | Co-Chairman,
Beowulf System Admin/Security Specialist | NoVALUG/DCLUG Security SIG
Winstar Telecom | email@example.com
(703) 889-1049 | firstname.lastname@example.org
I have a firm grasp on reality. Now I can strangle it.