Automatically encrypting data files in a partition.
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Fri Nov 21 17:28:00 PST 2003
"Paul Hamilton" <paul at bdug.org.au> writes:
> I need a way to store different directory trees and files with different
> encryption keys, i.e..
>
> /data/mars /data/mars/one /data/mars/two etc all are encrypted with one
> key and
>
> /data/venus /data/venus/one /data/venus/two etc, would have a different
> key.
>
> Ideally, the directory structure, and file names wouldn't be encrypted.
> /data is an independent partition.
>
> Some of these files, could be MS Office data files, others might be MS
> program *.exe files etc. It would be nice if this happened at the
> filesystem level, i.e., I would enter a key and the root dir name for each
> 'data tree' into the config file, reload the config file into the
> 'encryption filesystem program' and all would be sweet ;-)
The closest thing I know of is cfs (in the ports). It encrypts some
of the directory structures as well, which is usually desirable
because they can contain secret information as well (think of a file
named "CompanyX_Merge_Plans.doc"). I don't know if it's capable of
handling passphrases centrally as opposed to on a user-session basis,
but if so, you would need someone with the password present every time
you booted the machine.
More information about the freebsd-questions
mailing list