xfs
[Top] [All Lists]

Re: encryption

To: Christian Widmer <cwidmer@xxxxxxxxxxxx>
Subject: Re: encryption
From: Krzysztof Rusocki <kszysiu@xxxxxxxxxxxx>
Date: Thu, 5 Jul 2001 17:56:12 +0200
Cc: "'linux-xfs@xxxxxxxxxxx'" <linux-xfs@xxxxxxxxxxx>
In-reply-to: <0107051747210G.30268@asterix>; from cwidmer@xxxxxxxxxxxx on Thu, Jul 05, 2001 at 05:47:21PM +0200
References: <47CB5BFBF511D411A3AC00508BC8636B267BD3@DEBITECH11> <0107051747210G.30268@asterix>
Sender: owner-linux-xfs@xxxxxxxxxxx
User-agent: Mutt/1.2.5i
Hi Steve,

you may also take a look at Loopback-Encrypted-Filesystem-HOWTO on 
www.linuxdoc.org ,
you'll need to patch your kernel with encryption patch (available on
ftp.kernel.org afaik)..  However i do not know how is it going to interact
with XFS - opinion of someone who did try to patch XFS tree with crypto
patch would really be needed here...

Cheers,
Krzysztof

On Thu, Jul 05, 2001 at 05:47:21PM +0200, Christian Widmer wrote:
> the idea is not new (exept using xfs maybe). the new suse7.2 distribution
> has support for encryted file system. and it looks like it does't matter what
> filesystem you use. there is a description on their german homepage, un-
> fortunately in germen. it uses the loop device to add an additional layer.
> 
> setup a encryted device:
>  $modprobe loop_fish2
>  $losetup -e twofish /dev/loop0 /dev/hda3
>  $mkdir /topsecret
>  $mkreiserfs /dev/loop0
>  $mount -t reiserfs /dev/loop0 /topsecret
> 
> //chris
> 
> On Thursday 05 July 2001 17:18, you wrote:
> > i am interested in encrypted filesystems and was wondering if xfs would be
> > good to encrypt...
> >
> > my thoughts was to intercept the reading/writing of inodes from/to disk and
> > doing the en-decryption there...
> >
> > the passphrase for the encryption would be entered during the mounting of
> > the filesystem (and deleted from memory during the unmount!)...
> >
> > so my questions...
> >
> > is there a technical reason why xfs is unsuitable for this???
> >
> > has anybody thought about this before???
> >
> > i have found a method called 'xfs_iflush_int' does all writing to the hard
> > disk go through here, or are there many places in the code that would need
> > to be modified for decrypting/encrypting???
> >
> > is this a stupid idea??? :)
> >
> > steve...
> >
> > ps i hope this is the right place to send this message...
> > pps is there anybody else interesed???
> 
> -- 
> christian widmer
> zurlindenstrasse 294, 8003 zurich, switzerland
> email:  cwidmer@xxxxxxxxxxxx
> phone: ++41 (0)1 491 03 68

<Prev in Thread] Current Thread [Next in Thread>