Daniel Kahn Gillmor wrote: > On Thu 2018-03-15 17:11:15 +0000, Andrew Gallagher wrote: > >> If this doesn't exist in the main GnuPG project then I'd be happy to be > >> referred to any 3rd party bits of software (even if commercial or > >> proprietary) that could? > >> > >> I understand if the answer *should* be block-level encryption... but > >> they're intend on file-level. > > > > The obvious approach would be to write a FUSE driver. It would be > > mounted as an overlay filesystem, and this filesystem would decrypt the > > encrypted files on demand into a ramfs, and then re-encrypt (and shred) > > on file close. > > or, if what you really care about is file-level encryption on a > GNU/Linux desktop and you *don't* care about files being OpenPGP > formatted, you could look into ext4's native encryption features (see > e4crypt(8) and related docs to get started). > > --dkg
yes, luks full disk encryption would be best of course but if boss says no, ecryptfs file system encryption might be acceptable. every file in an ecryptfs-mounted file system is individually encrypted. encrypting their names as well is optional. and it's easy enough to setup. and i haven't detected any performance penalty (except when running du, just don't). and i'm fairly sure ubuntu has this built-in for home directory encryption but i don't know which versions. cheers, raf _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
