fusefs-cryptofs vs fusefs-cryptofs
Adam Vande More
amvandemore at gmail.com
Thu Jul 1 01:50:20 UTC 2010
On Wed, Jun 30, 2010 at 12:02 PM, Tim Gustafson <tjg at soe.ucsc.edu> wrote:
> > On FreeBSD, this is spelled GELI (or GBDE, but I think geli is
> > slightly better). Native filesystem level encryption -- rather
> > more efficient than something like fuse, needs no extra software
> > installed, very secure.
>
> Sorry, I should have been more specific:
>
> This is in the context of a jailed system. So, the encrypted file system
> must be creatable, configurable, mountable and unmountable entirely from
> within a jail.
I use file backed GELI fs in this manner. Of course you can script it
yourself, but I find the ez-jail handles my requirements perfectly. See the
Eli section
http://www.freebsd.org/cgi/man.cgi?query=ezjail-admin&sektion=1&apropos=0&manpath=FreeBSD+8.0-RELEASE+and+Ports
if you want it to be a seperate fs, you'll need to customize I believe.
--
Adam Vande More
More information about the freebsd-questions
mailing list