Hi,
recently we had a break-in where very valuable intellectual property
was stolen along with (negligeable) hardware.
To prevent this in future I'd like to establish a (physically secured)
Linux SMB server running a cryptographic file system.
I've taken a quick look, and there seem to exist essentially two
packages: one which encrypts at the partition, and the file system
level. (There seems to be also a system which encrypts/decrypts ~/ at
each login, but I doubt that's compatible with Windows).
Which cryptographic file system would you recommend?
Also, I'm unsure how authentication is accomplished. Are
passwords/phrases required at each access/session? Do passwords go
encrypted over the network?
Also, in future I'd like to use soft RAID (at least mirroring) and
XFS. It would be nice to have a crypto file system which can be
mounted over that.
TIA,
Eugene