This bug no longer affects me, as well as all other ecryptfs related
bugs! :)
It has turned out that my needs are fulfilled by another solution, much better
in terms of stability AND performance: LUKS.
The difference from ecryptfs from the user's point of view:
1. whole partition/volume is encrypted (I use a separate LVM volume for /home
anyway)
2. a simplest setup requires a user to enter a password upon boot (this may be
automated for those who needs it, but I don't mind)
3. very stable:
no more kernel errors, I/O errors and trailing garbage in your files!
4. much better performance:
in my simple tests the improvement ranges from 5% for 300M single file read
to 2000% (i.e. 21 times faster) for fstat'ing 5000 files! All tests were
performed with cold caches, I just show worst and best results here, but the
general feeling is that average improvement close to an order of magnitude.
Quick howto "starting using LUKS right now":
1. Allocate new volume/partition, e.g.
sudo lvcreate --size 10G --name test_luks vg00
OR use fdisk to create something like /dev/sda6, then substitute your
device name in place of /dev/mapper/vg00-test_luks below
2. Format it for LUKS
sudo cryptsetup luksFormat /dev/mapper/vg00-test_luks
provide a password when asked (anything, not your login one)
3. Setup automatic decryption
echo "test_crypt /dev/mapper/vg00-test_luks none luks" | sudo tee -a
/etc/crypttab
4. Format decrypted volume, e.g. as ext4
sudo cryptdisks_start test_crypt
sudo mkfs.ext4 /dev/mapper/test_crypt
5. Setup automatic mount, e.g.
echo '/dev/mapper/test_crypt /mnt/test ext4 defaults 0 2' | sudo tee -a
/etc/fstab
6. Reboot to test. You will need to provide a password during boot process.
When you are comfortable LUKS you can migrate your /home to it and have
fun :)
More info for the curious:
1. https://wiki.archlinux.org/index.php/System_Encryption_with_LUKS
2. man cryptsetup crypttab
3. google :)
P.S. While this comment is formally off-topic I think many users
affected by this bug may find it useful.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/509180
Title:
ecryptfs sometimes seems to add trailing garbage to encrypted files
To manage notifications about this bug go to:
https://bugs.launchpad.net/ecryptfs/+bug/509180/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
