On Fri, Feb 5, 2010 at 11:54 AM, David Tomaschik <[email protected]> wrote:
> I'm in the process of doing some maintenance on my desktop at home, including
> moving from a single disk to a RAID-1 environment. As part of this, I was
> wondering if it's a good idea to migrate from dm-crypt/LUKS (my current
> method, been using it since I was using Gentoo a few years back) to
> eCryptfs. Before I do this, I had a few questions regarding eCryptfs I
> haven't seen answered online. Specifically, has the security of eCryptfs
> been audited much? I'm not storing anything super-sensitive, but I do have
> financial records and other personal information that I'd like to keep
> secure.

Hmm, audited much... Well, there hasn't been any specific audit or
security certification, that I'm aware of. However, I can say that:

1) eCryptfs was designed and written by developers in IBM's Linux
   Technology Center and IBM Research
2) Canonical has invested significant effort in enhancing eCryptfs and
   making it usable by human beings, and specifically implementing the
   Encrypted Home Directory feature; also, it had to pass through a bit
   of a security review to be included in Ubuntu main and added to the
   Desktop CD
3) Red Hat backported a modern ecryptfs kernel module and ecryptfs-utils
   userspace to the last update to RHEL5, which resulted in a number of
   nice bug fixes
4) I ran a series of "crypto challenges" in my blog, offering prizes to
   the first person to crack each of 3 "challenges"; in each case, brute
   force was used and no short-cuts were found
5) Erez Zadok has used eCryptfs in his graduate level filesystems class
   at cs.sunysb.edu, and his students have submitted several minor fixes
   to the kernel module

> Secondly, is there a way to prevent encryption on a subset of my
> home directory? I don't see a need for my .wine (World of Warcraft, tbh)
> and VirtualBox Disk Images to be encrypted (seems like an unnecessary
> performance hit).

Sure. Just create a symlink to a non-encrypted directory. I store all
of my development source code and trees under /local/source. In my
home directory, I have a symlink ~/src -> /local/source. So I can just
cd ~/src and I'm in non-encrypted space.

> Third, are acls/xattrs supported on an ecryptfs mounted
> system? I understand the information may be passed through to the
> underlying file system.

Yes, they should be. Tyler Hicks will have more information on this.

> My general plan is this:
> 1. Full backup of $HOME
> 2. Install new HD, create degraded RAID-1.
> 3. Slice new RAID with LVM (I like to keep /home separate in case of
> reinstall)
> 4. Set up new $HOME with ecryptfs as detailed in
> http://www.linux-mag.com/id/7568/2/
> 5. Rsync old HD to new from a LiveCD
> 6. Readd old HD as "replacement" member for RAID-1.
>
> It seems like this is the ideal time to move from LUKS to eCryptfs. My main
> motivation for moving is not having to have a defined size for my
> partition. My understanding is that with eCryptfs, I should have no
> problems resizing /home using LVM/resize2fs. Is there any reason not to
> switch?

Well, one of the main motivations for using eCryptfs is that you don't
have to preallocate some set amount of space for your encrypted
information, as you do with dmcrypt or LVM-LUKS, etc.

Your /home partition is on some filesystem of your choice (ext3, ext4,
xfs, etc.). Your eCryptfs encrypted home is a layer on top of that,
/home/$USER, such that when it's mounted, you just read/write files as
normal. But when they actually get written to the disk, they are
encrypted on a per file basis. These exist as binary/encrypted files
on the underlying filesystem wherever /home is. You can write as many
of those files as you want, until /home fills up. In this sense, the
behavior and user experience is more like what you have when you have
a non-encrypted home.

:-Dustin

_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs-users
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs-users
More help   : https://help.launchpad.net/ListHelp

