Two-tier encryption strategy: Archiving your files inside an encrypted loopback partitionFeeding the Cloud
<a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>
https://feeding.cloud.geek.nz/posts/two-tier-encryption-strategy-archiving/Feeding the Cloudikiwiki2012-11-04T04:30:26Zhttps://feeding.cloud.geek.nz/posts/two-tier-encryption-strategy-archiving/comment_1_d8c22245f5c69d0a4c8e6c89e246b246/Anonymous2012-11-04T04:30:26Z2008-04-10T20:49:00Z
A practial solution to the problem is encfs. It is fuse based and works on top of a existing filesystem. The files are not encrypted in a big block file, but in separated files, so you needn't reserve space prior using. The usage of encfs is very easier than that of cryptmount. The speed could be a little slower. No root access is needed.
https://feeding.cloud.geek.nz/posts/two-tier-encryption-strategy-archiving/comment_2_6624b1438067e7fc20aceb32afdcfec1/Anonymous2012-11-04T04:30:26Z2008-04-11T01:45:00Z
<p>Haha. (I am the loon that posted on your previous link)</p>
<p>It gets even better then that for Encfs.</p>
<p>I had this problem, you see. I kept my 'serious' data encrypted in encfs. However I realised that I left it mounted all the time because I got to lazy. So it's purpose is defeated.</p>
<p>I figured I might as well leave it plain text and just encrypt the entire drive. I did some performance testing and I did just that.</p>
<p>Now my drives on all my mobile devices are encrypted using LUKS. (and I wish Debian's installer supported LUKS...... it's just soooooooooooo much much better then old dmcrypt. Same security, much more easier to live with).</p>
<p>Then I realized something while reading this article.</p>
<p>Security (of this type) is nothing without conveniance.</p>
<p>It's the same thing as backups. Both are protecting your data, so I am not surpised the problems are so similar.</p>
<p>If backups are difficult or annoying to do, then you won't do them. You may start off, but unless it's completely automated then you'll forget about it and data will get out of hand and so on and so forth.</p>
<p>Same f-ing thing with encryption.</p>
<p>So towards that end I want to let you know about <em>CRYPTKEEPER</em>. Fantastic stuff.</p>
<p>It's a Gnome applet for Encfs. Found it while going apt-cache search encfs.</p>
<p>Debian ROCKS<br />
Free Software ROCKS.</p>
<p>Encryption with Batteries Included. Got to love this OS.</p>
<p>The one thing about fuse that sucks, but isn't a big deal in a single-user computer is that you have to allow access to /dev/fuse and a couple setuid root binaries. This is a "bad thing". Not the end of the world, but it is what it is.</p>
<p>Maybe it can get fixed with PolicyKit and all that. Right now, though, its the best thing going forward.</p>
https://feeding.cloud.geek.nz/posts/two-tier-encryption-strategy-archiving/comment_3_b305b5e27f56e58850c8f0fdaf4b0495/ulrik2012-11-04T04:30:26Z2008-04-11T16:41:00Z
<p>Hello Anonymous cryptkeeper enthusiast, your post is very exciting but it stops right before telling us why and how cryptkeeper is so useful and what it does. And it doesn't even link. (Even though I'm not dumber than that I can apt-cache search too..).</p>
<p>Regards</p>
https://feeding.cloud.geek.nz/posts/two-tier-encryption-strategy-archiving/comment_4_3d64ed7f90380b00fe1adf4a6024dd0d/Anonymous2012-11-04T04:30:26Z2009-06-19T19:40:12Z
<p>EncFS is nice for storing encrypted files, but this solution works much better if you want to run applications from your encrypted file system. For example, mutt mail can't be stored in the EncFS mount.</p>
<p>EncFS seems to be maturing quickly; for now I think cryptmount is a more mature and dependable solution.</p>