Re: encfs works?

To: Jan Šmydke <jan.smydke%jh-inst.cas.cz@localhost>
Subject: Re: encfs works?
From: Victor Dorneanu <victor%dornea.nu@localhost>
Date: Sat, 06 Feb 2010 14:42:50 +0100

Jan Šmydke wrote:
> Thank you, Victor, for this tip. However it doesn't work either -
> perhaps as
>
> crw-------  1 root  wheel  178, 0 Dec 14 00:49 /dev/putter
>
> i.e. users don't have access here. I suppose changing permission or
> ownership of this device is not really wanted. It works for you now?
>
> JS
>   

Hmm... I used to use it with sshfs. I usually don't change permissions
(like SUID etc.) on executables.  This is how I do it:

------------------------------------------------------------
$ ls -l /usr/sbin/fusermount
-r-xr-xr-x  1 root  wheel  10783 Jan 19 16:22 /usr/sbin/fusermount

$ sshfs user@host:/home/user/ /home/victor/tmp/user/
Enter passphrase for key '/home/victor/.ssh/id_rsa':
sshfs: puffs_mount: "/home/victor/tmp/user/" is a relative path.
sshfs: puffs_mount: using "/home/victor/tmp/user" instead.
sshfs: puffs_mount: directory "/home/victor/tmp/user/": Operation not
permitted

$ sysctl -w vfs.generic.usermount=1       (as root)
vfs.generic.usermount: 0 -> 1

$ sshfs user@host:/home/user/ /home/victor/tmp/user/
Enter passphrase for key '/home/victor/.ssh/id_rsa' 
sshfs: puffs_mount: "/home/victor/tmp/user/" is a relative path.
sshfs: puffs_mount: using "/home/victor/tmp/user" instead.
------------------------------------------------------------

The 2nd try was indeed successful.  The same with encfs:

------------------------------------------------------------
$ encfs /home/victor/encrypted/ /home/victor/tmp_encrypted/
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?>

Standard configuration selected.

Configuration finished.  The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/blowfish", version 2:1:1
Filename encoding: "nameio/block", version 3:0:1
Key Size: 160 bits
Block Size: 512 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism.  However, the password can be changed
later using encfsctl.

New Encfs Password:
Verify Encfs Password:
encfs: puffs_mount: "/home/victor/tmp_encrypted/" is a relative path.
encfs: puffs_mount: using "/home/victor/tmp_encrypted" instead.

$ cd /home/victor/tmp_encrypted/
$ touch bla
touch: bla: Operation not permitted
------------------------------------------------------------

Well that's strange...

-- 
Victor Dorneanu

Contact
- Web/Blog: http://dornea.nu

GnuPG information
- KeyID = 0xD20870F4 (pgp.mit.edu)
- Key fingerprint = DD6B 5E09 242F 7410 3F90 492A 4CBA FD13 D208 70F4

References:
- encfs works?
  - From: Greg Troxel
- Re: encfs works?
  - From: Jan Šmydke
- Re: encfs works?
  - From: Victor Dorneanu
- Re: encfs works?
  - From: Jan Šmydke

Prev by Date: Re: [UPDATE] math/pari
Next by Date: default option set for math/octave depends on non-free software
Previous by Thread: Re: encfs works?
Next by Thread: pkgsrc and distcc
Indexes:

Home | Main Index | Thread Index | Old Index