[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Ecryptfs vs encfs



On Mon, Mar 21, 2011 at 8:09 PM, Dan <ganchya@gmail.com> wrote:
> I would like to encrypt some folders in the home directory of the
> users in a server. I have seen that there are 2 choices ecryptfs and
> encfs. They seem to be very similar. Which one do you think that it is
> better?

One isn't better than the other; they serve different use cases.
Ecryptfs is a stacked filesystem that runs in the kernel, while encfs
is a FUSE-based filesystem that runs in userspace.

IMHO encfs is a better solution for individual users; it's less
complex to implement and doesn't have stack issues (see
http://ecryptfs.sourceforge.net/ecryptfs-faq.html#stack). On the other
hand, ecryptfs is the default for encrypted home directories in Ubuntu
and probably works faster due to running in kernel space.

Generally, my advice is to use dm-crypt for block devices (like
encrypting an entire /home partition that root plans to mount at
bootup), and encfs for encrypting individual directories other than
$HOME. YMMV.


Reply to: