Date: Wed, 30 Jun 2010 20:50:06 -0500 From: Adam Vande More <amvandemore@gmail.com> To: Tim Gustafson <tjg@soe.ucsc.edu> Cc: freebsd-questions@freebsd.org Subject: Re: fusefs-cryptofs vs fusefs-cryptofs Message-ID: <AANLkTinCarI4JRkDnw8PCHcOn3VpA_wP6303a7oSEU33@mail.gmail.com> In-Reply-To: <1832862951.338331277917345049.JavaMail.root@mail-01.cse.ucsc.edu> References: <4C2B747E.3060500@infracaninophile.co.uk> <1832862951.338331277917345049.JavaMail.root@mail-01.cse.ucsc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 30, 2010 at 12:02 PM, Tim Gustafson <tjg@soe.ucsc.edu> wrote: > > On FreeBSD, this is spelled GELI (or GBDE, but I think geli is > > slightly better). Native filesystem level encryption -- rather > > more efficient than something like fuse, needs no extra software > > installed, very secure. > > Sorry, I should have been more specific: > > This is in the context of a jailed system. So, the encrypted file system > must be creatable, configurable, mountable and unmountable entirely from > within a jail. I use file backed GELI fs in this manner. Of course you can script it yourself, but I find the ez-jail handles my requirements perfectly. See the Eli section http://www.freebsd.org/cgi/man.cgi?query=ezjail-admin&sektion=1&apropos=0&manpath=FreeBSD+8.0-RELEASE+and+Ports if you want it to be a seperate fs, you'll need to customize I believe. -- Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinCarI4JRkDnw8PCHcOn3VpA_wP6303a7oSEU33>