CFS v TCFS v SFS v ?
David Wolfskill
david at catwhisker.org
Mon Feb 17 08:37:21 PST 2003
>Date: Mon, 17 Feb 2003 07:51:46 -0800
>From: richard childers / kg6hac <fscked at pacbell.net>
>I'm evaluating filesystems which provide encryption under
>FreeBSD.
>The following acronyms means the following things:
>CFS: Cryptographic File System
>TCFS: Translucent CFS
>SFS: Secure File System
>...
>Have I missed any other encrypting filesystems?
GBDE -- available only in FreeBSD-5.x (which recently acquired
"-RELEASE" status for the first time, but you don't want to use 5.0 for
GBDE, as I recall).
The acronym stands for "GEOM-based disk encryption".
It is not, strictly speaking, an "encrypting filesystem," as this is
below the level of "filesystem": you can put any sort of file system on
it that you could on a "raw" disk. Thus, the idea is that you can set
up a (piece of a) disk en encrypted via GDBE, then create a filesystem
of your choice on it; absent the key(s) to unlock the disk in question,
even the type of filesystem that is on it should be non-trivial to
determine.
For more information:
d144(5.0-C)[1] apropos gbde
gbde(4) - Geom Based Disk Encryption
gbde(8) - operation and management utility for Geom Based Disk Encryption
d144(5.0-C)[2]
I haven't done anything with it (yet), but Lucky Green came to a recent
BAFUG meeting (January's) and mentioned it with a fair degree of
enthusiasm (or so I perceived; I could be wrong).
Cheers,
david (links to my resume at http://www.catwhisker.org/~david)
--
David H. Wolfskill david at catwhisker.org
WARNING: Use of Microsoft products may be hazardous to your system's integrity.
More information about the Baylisa
mailing list