You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2010-08-22 19:40:19
- zero_one
- Member
- Registered: 2010-07-07
- Posts: 104
questions about ecryptfs....
I was thinking about using ecryptfs to encrypt my $home to protect my notebook. But if anyone has or is using it, i have a couple of questions.
1. Can the directory accessed from a live cd such as puppy linux or parted magic if the keys are saved to a flash drive or sd card?
2. If they are accessible though flash drives and sd cards, and something happens to the laptop (i.e. hardware failure) how would it be accessible, obviously ecryptfs-utils and keyutils needs to be loaded. is that all that is needed?
3. Is using utilities like clonezilla or rsync a better option than trying to recover the data? are they any better utilities?
Thanks to anyone who has any ideas.
Offline
#2 2010-08-22 21:01:21
- Stebalien
- Member
- Registered: 2010-04-27
- Posts: 1,237
- Website
Re: questions about ecryptfs....
1. Yes
2. Instructions are here: http://wiki.archlinux.org/index.php/Sys … h_eCryptfs
3a. If you use rsync or clonezilla, you will still need ecryptfs-utils and keyutils.
3b. If you intend to use something like rsync, make sure to use it on your encrypted folder, not the decrypted mount point (or your encryption will be pointless).
3c. If you loose your key, good bye data.
Steven [ web : git ]
GPG: 327B 20CE 21EA 68CF A7748675 7C92 3221 5899 410C
Do not email: honeypot@stebalien.com
Offline
#3 2010-08-23 14:15:51
- zero_one
- Member
- Registered: 2010-07-07
- Posts: 104
Re: questions about ecryptfs....
Thanks Steb, still havent worked out if im going to employ ecryptfs. with all the traveling i do it would be good to protect data if somehow the laptop was stolen. I see what your saying about clonezilla, but with rsync i can make backups of the upper without the need for ecryptfs. Am I right in thinking that? If thats the case that is probably my option to make unencrypted backups with rsync or just use the good old "cp" before traveling.
Offline
#4 2010-08-23 17:02:48
- Stebalien
- Member
- Registered: 2010-04-27
- Posts: 1,237
- Website
Re: questions about ecryptfs....
If you trust that your backup volume is secure and only need to protect your laptop then yes, you can use rsync/cp/tar etc. to backup the unencrypted data. I always encrypt my home directory because some applications like to store my passwords in their configuration files and I would rather that a thief not be able to sell my information/identity along with my laptop. I have never lost any data due to encryption.
If you do use encryption, you should also encrypt your /tmp with a random key or use tmpfs. You should also either disable your swap partition or encrypt it.
Steven [ web : git ]
GPG: 327B 20CE 21EA 68CF A7748675 7C92 3221 5899 410C
Do not email: honeypot@stebalien.com
Offline
Pages: 1