On Sat, Mar 22, 2008 at 04:37:21PM +0000, Diccon Spain wrote: > To secure data on the NAS I want to use eCryptfs running on each > desktop computer to mount an encrypted directory which will layover > mount a shared (ext3) directory on the ReadyNas NV+ NAS over NFS > (the ReadyNAS supports NFS v2 / v3). Is this at all workable?
I have a patch I've been sitting on for a while that seems to make eCryptfs work well on NFS: http://downloads.sourceforge.net/ecryptfs/ecryptfs-fix-nfs.txt?modtime=1200087709&big_mirror=0 NFS plays some games with a dentry cookie on the client side, and eCryptfs has to jump through a few more hoops to make sure the local dcache reflects accurately what the server thinks is going on with dirents. I have not pushed this patch yet because I am a little nervous about its impact on local filesystems list ext3; I just need to convince myself that the dcache is still sane under all combinations of operations with the patch applied. > Will I be able to make it seamless (transparent) for the users? I > would love to see an article on this kind of shared secure files > scenario use of eCryptfs: there must be many people who could > benefit from being able to implement something like this? It should work in theory, and I have run a handful of tests with the above patch applied, but nobody has reported any extensive testing of eCryptfs mounted on NFS. I have not received any bug reports recently either, so I am uncertain of how many people are currently actually doing it. So, the long and short of it is, if you choose to run eCryptfs on NFS, apply the patch I linked to above, and beware that it has not been extensively tested. Please send bug reports to this list if you do run into trouble and we will look into it. Mike
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
