encfs ~/.crypt 是加密過的部份,目錄結構完全沒變,filename/directory name 經過加密,內容也加密。安全性好像比 loopback 差一點。
與loopback 相比,encfs 的好處是不用先預留空間。
使用你的 package manger, Mandriva 是用 urpmi
#urpmi encfs
我修改過 的 kernel 有出現 DKMS 的 error , 不用理,只要確定
modprobe fuse 沒有問題就可以了。
第一次執行 /dev/fuse permission/owner 不對 ,這時候
chown xxx /dev/fuse 改成你的 owner
[xxx@www ~]$ encfs ~/.crypt ~/crypt
The directory "/home/xxx/.crypt/" does not exist. Should it be created? (y,n) y
The directory "/home/xxx/crypt" does not exist. Should it be created? (y,n) y
Creating new encrypted volume.
Please choose from one of the following options:
enter "x" for expert configuration mode,
enter "p" for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?> p
Paranoia configuration selected.
Configuration finished. The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/aes", version 2:1:1
Filename encoding: "nameio/block", version 3:0:1
Key Size: 256 bits
Block Size: 512 bytes, including 8 byte MAC header
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File data IV is chained to filename IV.
..................... 這邊提到 hard link 內定是關閉的
Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.
New Encfs Password:
Verify Encfs Password:
沒有加密的部份就在 ~/crypt
之後的使用還是用
encfs ~/.crypt ~/crypt
這次就只會輸入密碼。
解除掛載用
$ fusermount -u ~/crypt
