Quoting MartinSteigerwald (<email address hidden>):
> Thanks, Dustin.
>
> One part of my suggestion was to store the configuration of an ecryptfs
> filesystem within the encrypted directory[1].
>
> With encfs I can rsync the crypted directory to somewhere else and then just
> mount it on the remote machine like I would on my local one. I do not have to
> think about copying the ecryptfs configuration as well.
>
> Encfs stores its configuration directly in the encrypted directory like
> this:
>
> merkaba:~> ls -l /home/.ms2/.encfs5
> -rw-r----- 1 root root 241 Mai 19 2008 /home/.ms2/.encfs5
>
> [1] encryption metadata not stored with filesystem on ecryptfs vger kernel org:
> http://www.spinics.net/lists/ecryptfs/msg00062.html
Overall, the suggestion makes sense, and I like it.
But one neat thing about ecryptfs is that you can do
mount -t ecryptfs /home/user/.Private/some/sub/dir /mnt
So my concern would just be that people would learn to expect the
config file to always get copied with the dir, which wouldn't happen
in this case.
Not sure enough people use it this way to worry about. Just wanted
to point it out. (Giving people magic means they won't know the
limitations of the magic, and get upset when the magic breaks)
Quoting MartinSteigerwald (<email address hidden>): www.spinics. net/lists/ ecryptfs/ msg00062. html
> Thanks, Dustin.
>
> One part of my suggestion was to store the configuration of an ecryptfs
> filesystem within the encrypted directory[1].
>
> With encfs I can rsync the crypted directory to somewhere else and then just
> mount it on the remote machine like I would on my local one. I do not have to
> think about copying the ecryptfs configuration as well.
>
> Encfs stores its configuration directly in the encrypted directory like
> this:
>
> merkaba:~> ls -l /home/.ms2/.encfs5
> -rw-r----- 1 root root 241 Mai 19 2008 /home/.ms2/.encfs5
>
> [1] encryption metadata not stored with filesystem on ecryptfs vger kernel org:
> http://
Overall, the suggestion makes sense, and I like it.
But one neat thing about ecryptfs is that you can do
mount -t ecryptfs /home/user/ .Private/ some/sub/ dir /mnt
or
rsync -va /home/user/ .Private/ dir1 host1: .Private/ dir2 host2:
rsync -va /home/user/
So my concern would just be that people would learn to expect the
config file to always get copied with the dir, which wouldn't happen
in this case.
Not sure enough people use it this way to worry about. Just wanted
to point it out. (Giving people magic means they won't know the
limitations of the magic, and get upset when the magic breaks)
-serge