On Mon, Aug 10, 2009 at 05:23:48PM +0000, Joseph L. Casale wrote:
Anyone got any experience/suggestions for a way to store a directory of sensitive information on a CentOS box? This directory contains many scripts and output files, I need it backed up but not unencrypted and don't want to store it in a tar file type archive as when it needs to be accessed and have scripts executed/data generated, it needs to be untarred/unencrypted and I don't know the ramifications of this wrt recovery once its retarred and deleted. I was hoping it could be stored somehow such that it was decrypted on the fly when needed by entering a pass/keyphrase before use.
Thus it could be backed up and remain encrypted. Is dm-crypt the simplest option here?
If you want to backup the directory while it is still encrypted (not mounted), look for encfs.
But I prefer luks myself (uses dm-crypt).