Le ven. 5 avr. 2019 à 22:08, David Christensen
<dpchrist@holgerdanske.com> a écrit :
AFAIK dm-crypt is the canonical disc encryption technology on Linux (see
crypttab(5) and cryptsetup(8)). I like the fact that it operates at the
device level, so everything on an encrypted disc or partition is
automatically and inescapably encrypted. File system level encryption,
such as ecryptfs(7), might make sense for cloud directories or
sneaker-net media. I use ccrypt(1) for individual files, but vim(1) has
an encrypted mode that is very appealing for certain use-cases.
Indeed, I've planned to give a serious look at it, especially to
encrypt the disks of the servers we rent in remote data-centers, but I
haven't took the time yet for it. And when occurred the requirement to
crypt the virtual machines, I found ecryptfs an easier thing to set
up.
I also found ecryptfs a better fit for my requirements.
Indeed, I like the fact that I, as an administrator, am not able to
access the files of "my" users. I encrypt their home folder then set
the requirement to change the password on their first login (with
'chage -d 0 $user'), might it be their physical desktops or their
virtual instances. Thus I'm sure I won't ever be able to look into
their files without them allowing me. This is known of everybody. This
is a double edged sword. They have to take full responsibility to
backup somewhere their files as I can't help them if anything goes
wrong (and if anything goes wrong I just provide them a new physical
or virtual instance and wipe the problematic one), and at the same
time it is relieving me from the possibility to be able to see
everything everywhere. In a previous company, as not being the system
administrator, I never liked this fact that somebody could access all
files behind all user's backs. I recall one who did that to an user to
look into their personal files (which shouldn't had be there in the
first place, admittedly) and I really disliked the « God mode »
situation offered to system administrators. Now that I administer the
desktops, I went really concerned to lower, by design, my scope of
abilities. I didn't want to rely on my will power and my word of mouth
about this situation. I wanted it to be established by design.
Ciphering user's space with ecryptfs allows me to lock me out very
nicely and easily from this possibility. I haven't found this to be
possible with dm-crypt in an easy and user-friendly way.
Nonetheless, if it's possible to achieve such objective with dm-crypt,
I would really appreciate some pointers about how to do it.