On Tue, 2004-01-27 at 11:22, Robert P. J. Day wrote: > what is the preferred approach to supporting encrypted filesystems > under fedora? the cryptoloop HOWTO at www.tldp.org, > http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/index.html > seems to suggest that the 2.6 kernel is necessary, and also seems > to require newer userspace tools. > > the HOWTO also refers to loop-AES as being more mature, but > requiring kernel patches, as an alternative to cryptoloop. > > so what's the recommended approach? and can anyone comment > on the long-term direction of encrypted filesystems? is there some > approach that is expected to become the standard? I'm more inclined towards cryptoloop as it uses current kernel infrastructure for crypto algorigthms which are also used by NFSv4. Maybe it's not as mature as Loop-AES, but I think kernel crypto will allow for more features in the end, like key management support, GSSAPI integration, etc.
