[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: archive encryption

From: Robin Green
Subject: Re: [Gnu-arch-users] Re: archive encryption
Date: Sun, 9 May 2004 08:28:03 +0100
User-agent: Mutt/1.5.4i

On Sat, May 08, 2004 at 10:46:29AM +0200, Johannes Berg wrote:
> Another plan which I pursued for a while but had to give up due to time
> constraints for the time being was to encrypt everything (excluding the
> meta-info stuff), and even mangle the archive format in a way that also
> makes category names etc. unreadable.

There is no need[0] to reimplement CFS.[1] CFS encrypts file contents and names
(and metadata too IIRC). It worked quite well for me as an
encrypted filesystem (well, until I lost a hard drive and tried to restore
from an encrypted backup. Hint: Don't naively tar cvf the backing store for
a CFS filesystem, it won't work as a backup. At least, it didn't for me.)

Of course, you would need to use *two* layers of NFS in the proposed scenario
- CFS (which speaks NFS) on the client, and ordinary NFS on the server -
which is kind of yucky - but once you had it setup and working, it wouldn't
require any coding.

[0] Well, except for the fact that CFS is non-Free, and now only available in
the US and Canada because of export control paranoia :)


Attachment: pgpee82NgWeLK.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]