From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 1BFF11381FA for ; Mon, 2 Jun 2014 11:34:47 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 27FC2E0B2B; Mon, 2 Jun 2014 11:34:42 +0000 (UTC) Received: from mail-ie0-f194.google.com (mail-ie0-f194.google.com [209.85.223.194]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 19261E0A8B for ; Mon, 2 Jun 2014 11:34:41 +0000 (UTC) Received: by mail-ie0-f194.google.com with SMTP id tp5so1308130ieb.1 for ; Mon, 02 Jun 2014 04:34:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=TtNQSVutetRjkoej3n/6OjnWb8e94vD7l1fxf6GA3MM=; b=VoAAXsWBsfRX0/A48OdaDnXcvjyptlAdqr9G3eB7kuJmse7wTxsptLFWD+5gWUipk4 nToytHtY0Ev331bYAfFuQUIN+fuA6480/TJgJZnrjcZyN2hnyPOBkSmAeQyE6XiP+TZm 2l8qkaEKM4NyYX3nK33lU9ycN5z9EWWqrHCz8JfH5xQx0tbZXQvUP/mzpmi3fyD959og Iimi3/f408Z/qabXasyl5Q31yKuCYtQ1eTFeWayKW2WfImt0xIhCbovVcMprLyElALxa 5dQm6NZHfiMBoIMuIfvDcyI8g6zxILNvr8tsyeLVVISpLQKuai3PhQrztHlE3TgITh/l Fy6A== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.50.137.67 with SMTP id qg3mr18006459igb.33.1401708880457; Mon, 02 Jun 2014 04:34:40 -0700 (PDT) Received: by 10.50.124.1 with HTTP; Mon, 2 Jun 2014 04:34:40 -0700 (PDT) In-Reply-To: <20140602102007.088c6f45@hactar.digimed.co.uk> References: <538B1D0A.9070405@libertytrek.org> <538B66A1.6070106@googlemail.com> <538C344E.6050809@gmail.com> <538C3B9F.10808@hadt.biz> <20140602102007.088c6f45@hactar.digimed.co.uk> Date: Mon, 2 Jun 2014 19:34:40 +0800 Message-ID: Subject: Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet? From: Mark David Dumlao To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 X-Archives-Salt: e5cf6d67-8f17-4600-ad90-cca6935b524b X-Archives-Hash: 6e056f21649ca3dfe1c3eda969cfde49 On Mon, Jun 2, 2014 at 5:20 PM, Neil Bothwick wrote: > On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: > >> > I'm considering encrypting my home partition one of these days. Given >> > the things that have come out in recent months, back doors and such, >> > what is a good program/software/tool to use that is well . . . >> > secure? Is there such a thing now? > >> Depends on your needs, for encrypting complete devices/partitions try >> the kernels dm-crypt/luks module. If you just want to encrypt a >> directory try encfs, and for file encryption there's openssl and gpg > > Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which > needs FUSE, when ecryptfs does the same thing in kernel space? > for dual-boot systems, or simply from the point of system recovery, I find it really attractive that I can, for example, open an encfs filesystem in "the other operating system" (there's an encfs for windows). Besides, I think the fact that you're doing encryption / decryption on the fly completely overshadows the performance hit from running a userspace filesystem anyways. Also, it's extremely convenient to be able to mount / unmount the encfs on the fly without su, sudo, or messing with fstab, as, for instance, with the case of portable hard disks or usb sticks, where you don't want to automatically unencrypt the contents unless you're prompted for the password. -- This email is: [ ] actionable [x] fyi [ ] social Response needed: [ ] yes [x] up to you [ ] no Time-sensitive: [ ] immediate [ ] soon [x] none