Encryption: Disk based vs. file system vs. per file

Comments 2

Once your data is on disk, it's extremely important to continue to ensure its protection. I have personally used both Luks (https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-LUKS_Disk_Encryption.html) and ecryptfs (https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/filesysnew-efs.html) in various configurations. I'm wondering what the overall experience has been with these two technologies, especially ecryptfs for on-disk based encryption.

Started 2012-12-04T14:23:04+00:00 by

David Sirrine

Pro 408 points

Responses

Red Hat Guru 3719 points

13 December 2012 4:46 PM

Ryan Sawhill

I'm curious to hear stories about people using eCryptfs too. Like David, I use them both, though I tend to use dm-crypt + LUKS more. I suspect the same can probably be said for our customers, given that ecryptfs-utils has always been a Technology Preview in RHEL. ....

So. Any RHEL users out there using eCryptfs in production, despite the lack of guarantees (due to tech preview status)?

Guru 3262 points

17 December 2012 8:33 AM

Phil Jensen

Community Leader

I haven't had a chance to use eCryptfs in production; but have used hardware disk-based encryption in the past.

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Encryption: Disk based vs. file system vs. per file

Responses