[ale] Encrypting FS by a normal user? to protect from root?
Brian Pitts
bpitts at learnlink.emory.edu
Fri Mar 16 18:06:21 EDT 2007
Atlanta Linux Enthusiasts wrote:
> The good news is you also made me think about using EncFS to expose an
> encrypted and non-encrypted FS on my local machine. I could backup to
> the non-encrypted version, then rsync the encrypted version to the
> remote site. That is sounding fairly safe and I don't think any
> individual files are over the size of a DVD ISO so I don't need too
> much extra space.
The main downside I see is that you end up storing the data twice
locally, in encrypted and unencrypted form. What I would try is mounting
dreamhost using sshfs, then creating the encrypted directory directly on
it. Something like
mkdir ~/dreamhost
sshfs me at dreamhost.com: ~/dreamhost
mkdir ~/dreamhost/encrypted ~/unencrypted
encfs ~/dreamhost/encrypted ~/unencrypted
rsync -av ~/dataToBackup ~/unencrypted
You could take the same approach and mount an encrypted loopback device
over sshfs.
-Brian
More information about the Ale
mailing list