Encrypted filesystems

From: Peter B (pb_at_ludd.luth.se)
Date: 06/26/03

  • Next message: Dwayne MacKinnon: "Re: pkg_create broken?" 
    To: freebsd-fs@freebsd.org, freebsd-hackers@freebsd.org
Date: Thu, 26 Jun 2003 16:51:36 +0200 (MEST)

    I have searched for encrypted filesystems for un*x. Is there any better
    encrypted filesystems than the ones I have found for *bsd (+freebsd)..?

    Note that some comments are based on what others have said. I think it's
    important to keep in mind the different approches used, per-file vs disc-block
    aswell.

    I'm looking for something convinient to enrypt cdrom's. Which will also suit
    dvd-r media. It should preferable be portable and not require specific kernel
    hacks. To ensure feature stability & availability.
    The encrypted filesystems arena looks like a collection of software rather than
    a unified solution across platforms.

    Which operating systems manage to effectivly to use encrypted swap..?
    Openbsd seems to handle it nativly, while freebsd could possible use
    vncrypt in conjuction with swapon, or cfsd with swapon-file. Netbsd might use
    cgd?

    ==== Interesting encrypted filesystem projects ====

      The following is directly usable on freebsd:
        cfs 2 GB limit (nfsv2), easy portable
        vncrypt Unstable? (and needs kernel module)
        geom(4) Modular disk I/O request transformation framework

      The following seems usable althought might require some work:
        loop-aes Only ported to linux so far
          http://sourceforge.net/projects/loop-aes/

        cryptfs Port for freebsd available (btw, check out FiST!)
          http://www1.cs.columbia.edu/~ezk/research/cryptfs/index.html
          http://ftp.vit.edu.tw/pc/programming/hacktic/disk/

        BestCrypt Source avail, 30day trial period.
          http://www.jetico.com/

      Available, BUT not directly applicable:
        PPDD Linux specific, needs 100MHz+ pentium
        pgpdisk M$/win+Mac binary only

        http://mail.lab.net/lists/archive/cryptography-exploder/2003-February.txt
          PGPdisk + Linux ..?
          Janis Jagars, handle Disastry

        tcfs Alias cfs? (available for Linux,Netbsd,Openbsd)
          http://www.tcfs.it/

        ncryptfs Follow up from cryptfs, not publicly released yet.
          http://www1.cs.columbia.edu/~ezk/research/ncryptfs/ncryptfs.html#sec:eval-feature

    _______________________________________________
    freebsd-hackers@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
    To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

  • Next message: Dwayne MacKinnon: "Re: pkg_create broken?"