[CentOS] Cryptographic Filesystem

Rodrigo Barbosa rodrigob at darkover.org
Fri Feb 2 05:44:07 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Feb 02, 2007 at 01:27:41PM +0800, Ow Mun Heng wrote:
> On Thu, 2007-02-01 at 23:23 -0600, Barry Brimer wrote:
> > > Anyone else using CFS on CentOS 4.4 ?
> > > I have started using it today (unimportant stuff for now, for testing),
> > > and am wondering what are other people experiences with it.
> > >
> > > I'm using version 1.4.1, rpms kindly provided by Karan on his repository.
> > >
> > > My main concern is data loss, not security itself. From what I noticed,
> > > the strenght of CFS crypto is less than optimal.
> > >
> > > CFS right now looks like a very convenient solution. Much easier than the
> > > losetup stuff (which is a PITA).
> > 
> > I have not tried TrueCrypt yet, only read about it.  Maybe it would be 
> > useful as well. 
> > <http://www.truecrypt.org>
> 
> Truecrypt is the only cross platform crypt system/software I know about.
> However, last I check, it is not FOSSware. It's only FreeWare.

It is more like "MessWare". Check this small opening text for the
License.txt file:

The TrueCrypt Collective License consists of several distinct licenses, which
are contained in this document (separated by lines consisting of underscores)
and which are, in this section, referred to as component licenses. Each of the
component licenses applies only to (portions of) the source code file(s) in
which the component license is contained or in which it is explicitly
referenced, and to compiled or otherwise processed forms of such source code.
None of the component licenses applies to this product as a whole, even when it
uses the phrase "this product" or any other equivalent term/phrase. Unless
otherwise stated, graphics and files that are not part of the source code are
covered solely by the TrueCrypt License.
Note: The TrueCrypt License is one of the component licenses of which the
TrueCrypt Collective License consists.

> Truecypt again, uses a file as a storage block.

Which is a big problem. Easy to get everything corrupted.

I have 2 problems while using cfs so far. Both were due to a small
problem on the ext2 filesystem where it was stored. I was copying
a file to the cfs filesystem (both on the same ext2 fs).

I've got a complete lockdown on cfsd, and had to hardboot the
machine. In both cases, I've lost nothing, and only the specific
file I was copying, on the destination, was "lost" (partially copied).
It gave me a VERY good impression of cfs' robustness.

Not sure if I've made myself clear here (3:43am, english not primary language,
blah blah blah). Ask for clarifications if this ended up confusing.

Best Regards,

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFws+mpdyWzQ5b5ckRAiF4AJ9Na6ERkwDa9RIPsiXdAsXfT4QDNwCfXq87
I2XcU+fTxpHJ6aU8HDqBtSQ=
=P4zI
-----END PGP SIGNATURE-----



More information about the CentOS mailing list