[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why we need encrypted file systems
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Why we need encrypted file systems
- From: Morten Liebach <m_(_at_)_kallisti_(_dot_)_dk>
- Date: Sun, 16 Dec 2001 13:36:04 +0100
- Mail-followup-to: Morten Liebach <m_(_at_)_kallisti_(_dot_)_dk>, misc_(_at_)_openbsd_(_dot_)_org
On 2001-12-16 04:31:27 -0600, Andrey Smagin wrote:
> > -----Original Message-----
> > From: Dr. Evil
> > but encrypted FS is exactly what is needed for cases when the
> > is physically removed. That's easy enough in many cases,
> > with laptops, but also with servers.
> It was discussed here already about a month or two ago...
> Encrypted file system means using some sort of a password/key to
> decrypt it. Obviously, we can not keep the key on the same server,
> but we still need to access our data somehow.
On a laptop it'd be nice though, but Saad Kadhi has already commented on
> I don't see much use for encrypted file system, but some people
> might need it for reasons that I am not aware of. In practice, I
> would rather encrypt the actual data instead of the whole file
> system. This way I would still be able to do normal backups.
Why can't you do normal backups with encrypted FS?
If the encrypted file-system looks like one big binary file I can
understand the problems, but shouldn't it be possible to design the
system so there's one file per inode for example?
Writing an encrypted file-system is *way* over my head, but I'm intrigued
by the idea and looking for enlightenment.
(RTFMs end book titles welcome :-).
Have a nice day
Morten Liebach <m_(_at_)_kallisti_(_dot_)_dk> webthingy at http://kallisti.dk/
PGP-Key-ID: 0xD796A4EB on keyserver.net or at http://kallisti.dk/ml.asc