Thread: encrypted filesystem
View Single Post

  #2 (permalink)  
Old 05-26-2004
Christopher Browne
 
Posts: n/a
Default Re: encrypted filesystem
Clinging to sanity, Brad Olin <bwo@bwo1.com> mumbled into her beard:
> On Wed, 26 May 2004 13:27:36 GMT, SiD` <miki28_@T_ngi.it> wrote:
>
>>Hi,
>>
>>as a newbie, I would like to know if there is any way to configure a
>>server running linux in which I can use strong-encryption (like PGP or
>>something which is VERY hard to be violeted (like PGPdisk)) which can be
>>auto-mounted at startup. I wish to be able to access the encrypted data
>>ONLY with the password or by programs with the privileges to read those
>>datas. (like the NTFS encryption, which I don't know how much secure is..)
>>
>
> I have never done this myself, but I have read a few articles about it.
> My suggestion is you do a bit of research yourself. As a linux user,
> new or old, you will find this saves alot of your time and it usually
> provides additional ideas that might be better than your original.
>
> Anyway, point your fav browser to... http://groups.google.com In the
> search criteria box enter something like "linux encrypted disk" for this
> question. There seems to be 100s of articles on this.
>
>>Final question: the speed of this system, would be ok or it would be
>>compromised?

> I'd not sure I understand the question here. My guess is that a
> software encrypted disk would have significant overhead and might
> need additional processor power. A hardware encrypted disk
> controller would be a different story.

AES, Blowfish, and Twofish were designed with a view to being
efficient on general purpose systems, so the overhead should only be
"moderate," as opposed to the "really painful" that is true for 3-DES.

And note that if the disk controller does the work, that is likely to
mean that the whole filesystem is held hostage to the disk controller.
Change controllers and you probably lose all the data. That might not
be what you want...
--
let name="cbbrowne" and tld="ntlug.org" in String.concat "@" [name;tld];;
http://cbbrowne.com/info/linux.html
Rules of the Evil Overlord #156. "If I have the hero and his party
trapped, I will not wait until my Superweapon charges to finish them
off if more conventional means are available."
<http://www.eviloverlord.com/>
Reply With Quote