使用ecryptfs来加密数据存储
其实好几年前就开始用这个方案了,现在资料都备份在云上,所以为了安全还是加密一下比较好。最近想新建一个加密的文件夹, 结果又忘了怎么操作了……
ecryptfs我已经装好了, 所以就只记录下如何操作。
使用:
$ mount -t ecryptfs /unencrypted/path /mount/path
Select key type to use for newly created files:
1) openssl
2) tspi
3) passphrase
Selection: 3
Passphrase: ******
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
4) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
5) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
Selection [aes]:
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]:
Enable filename encryption (y/n) [n]: y
Filename Encryption Key (FNEK) Signature [****************]:
Attempting to mount with the following options:
ecryptfs_unlink_sigs
ecryptfs_fnek_sig=****************
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=****************
Mounted eCryptfs其中要注意原始目录和要mount的目录不能是一样的。