[OpenAFS] Linux OpenAFS & EncFS?

Derek Atkins warlord@MIT.EDU
Wed, 19 Feb 2014 10:11:19 -0500


hays <hays@cs.unc.edu> writes:

> openafs-info-request@openafs.org wrote:
>> Am Montag 17 Februar 2014, 14:05:23 schrieb Lars Schimmer:
>>> > Or does anyone has another idea on howto encrypt a directory in OpenA=
>> FS
>>> > on client system without any further interaction?
>> 
>> What about Truecrypt? Has the advantage of being platform-independent.
>> 
>> Bye...
>
>
> Truecrypt is good, but it creates a monolithic container, and that
> impacts backups. Encfs encrypts files and folders, so that works well
> for folders that are synced.
>
> Lars, FWIW, I just did a brief test--I created an crypt store in my afs
> home dir, and then used encfs to mount that to a directory on my
> workstation. That seems to work just fine. I think you'd want to do it
> this way--you want to be careful where you mount encrypted volumes since
> you don't want the mount point where things are non-encrypted accessible
> to backup systems not under your control.
> bil

I think you just need to make sure that the EncFS process is running in
your PAG so it can use your tokens.  If you "logout" (but EncFS is still
running) it may eventually lose tokens and no longer be able to access
AFS.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available