Hi Steve,
you may also take a look at Loopback-Encrypted-Filesystem-HOWTO on
www.linuxdoc.org ,
you'll need to patch your kernel with encryption patch (available on
ftp.kernel.org afaik).. However i do not know how is it going to interact
with XFS - opinion of someone who did try to patch XFS tree with crypto
patch would really be needed here...
Cheers,
Krzysztof
On Thu, Jul 05, 2001 at 05:47:21PM +0200, Christian Widmer wrote:
> the idea is not new (exept using xfs maybe). the new suse7.2 distribution
> has support for encryted file system. and it looks like it does't matter what
> filesystem you use. there is a description on their german homepage, un-
> fortunately in germen. it uses the loop device to add an additional layer.
>
> setup a encryted device:
> $modprobe loop_fish2
> $losetup -e twofish /dev/loop0 /dev/hda3
> $mkdir /topsecret
> $mkreiserfs /dev/loop0
> $mount -t reiserfs /dev/loop0 /topsecret
>
> //chris
>
> On Thursday 05 July 2001 17:18, you wrote:
> > i am interested in encrypted filesystems and was wondering if xfs would be
> > good to encrypt...
> >
> > my thoughts was to intercept the reading/writing of inodes from/to disk and
> > doing the en-decryption there...
> >
> > the passphrase for the encryption would be entered during the mounting of
> > the filesystem (and deleted from memory during the unmount!)...
> >
> > so my questions...
> >
> > is there a technical reason why xfs is unsuitable for this???
> >
> > has anybody thought about this before???
> >
> > i have found a method called 'xfs_iflush_int' does all writing to the hard
> > disk go through here, or are there many places in the code that would need
> > to be modified for decrypting/encrypting???
> >
> > is this a stupid idea??? :)
> >
> > steve...
> >
> > ps i hope this is the right place to send this message...
> > pps is there anybody else interesed???
>
> --
> christian widmer
> zurlindenstrasse 294, 8003 zurich, switzerland
> email: cwidmer@xxxxxxxxxxxx
> phone: ++41 (0)1 491 03 68
|