On Fri, Feb 4, 2011 at 1:11 PM, David Tomaschik <[email protected]> wrote: > What are you trying to protect? On servers, I prefer to do full disk > encryption with LUKS. (Just my .02). I like eCryptFS better where only a > subset of data needs protection. ... > On Thu, Oct 15, 2009 at 4:40 PM, eilaf mugbil <[email protected]> wrote: >> >> Hello; >> >> I want to ask, Which directory in my Linux server (for example http >> server) should I encrypt using ecryptfs? >> can i encrypt /etc ?
David is dead-on right. If you want to protect /etc (and there are certainly times and places when you want to protect /etc), then you probably also want to protect /var. And if this is the case, then LUKS + LVM full disk encryption is the way to go. If you want to protect just a subset of your data (perhaps /home, or some other folder or folders), then eCryptfs is a great option. eCryptfs doesn't work particularly well with /etc or /var because so much of /etc/ and /var/ are required to boot a system. If you need to decrypt data just to boot the system, then LUKS + LVM have excellent integration with various boot utilities, like upstart, sysvinit, plymouth, etc. Hope that helps, cheers, Dustin _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs-users Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs-users More help : https://help.launchpad.net/ListHelp
