Re: Ecryptfs vs encfs
On Mon, Mar 21, 2011 at 11:51 PM, Todd A. Jacobs
<codegnome.consulting+debian@gmail.com> wrote:
> On Mon, Mar 21, 2011 at 8:09 PM, Dan <ganchya@gmail.com> wrote:
>> I would like to encrypt some folders in the home directory of the
>> users in a server. I have seen that there are 2 choices ecryptfs and
>> encfs. They seem to be very similar. Which one do you think that it is
>> better?
>
> One isn't better than the other; they serve different use cases.
> Ecryptfs is a stacked filesystem that runs in the kernel, while encfs
> is a FUSE-based filesystem that runs in userspace.
>
> IMHO encfs is a better solution for individual users; it's less
> complex to implement and doesn't have stack issues (see
> http://ecryptfs.sourceforge.net/ecryptfs-faq.html#stack). On the other
> hand, ecryptfs is the default for encrypted home directories in Ubuntu
> and probably works faster due to running in kernel space.
>
> Generally, my advice is to use dm-crypt for block devices (like
> encrypting an entire /home partition that root plans to mount at
> bootup), and encfs for encrypting individual directories other than
> $HOME. YMMV.
Why do you say that ecrypt is less complex. From a user "point of
view" ecryptfs seems to be easy to implement in a multiuser server.
The issues of being a stack filesystem only affect the XFS file
system, not the ext3 or ext4. Right?
It seems that ecryptfs is more popular than encfs. Is there any reason for that?
Dan
Reply to: