fscrypt
fscrypt copied to clipboard
google
Go tool for managing Linux filesystem encryption
We should have a better idea of how well our code is tested. - [x] (#27) Have a way to automatically compute code coverage - [x] (#27) Add a badge...
Encrypting a new directory with a new v2 policy re-uses the login protector. However, it does not re-use the recovery protector, but creates a new one (Y/n). User ends up...
Destroying policies and protectors feels like a gamble. After a while, and after some upgrades to `fscrypt`, a user can end up with a lot of encrypted directories scattered over...
This would be really cool, but really only makes sense for portable U2F keys Library: https://github.com/flynn/u2f
Right now we ask two questions when running "fscrypt encrypt": 1. Do you want a new protector? 2. (If no), which existing protector would you like to use? We should...
[systemd-homed](https://wiki.archlinux.org/index.php/Systemd-homed) allows for [fscrypt-encrypted home directories](https://wiki.archlinux.org/index.php/Systemd-homed#fscrypt_directory). However, this does not use the fscrypt userspace tool, just the kernel functionality. We should document the tradeoffs of using `homectl` vs this tool....
When using SDDM display manager, **filenames are still available in plaintext after user logs out**. It's weird as **file contents remain encrypted**. **It doesn't happen if user logs in from...
Is it possible to compile fscrypt without libpam for systems that do not support it?
You can't run `fscrypt encrypt` on a directory that is already encrypted with pam_passphrase: ``` # mkdir test # fscrypt encrypt test --user=redsandro Your data can be protected with one...
How long until `fscrypt recovery` will be a thing? I've had my ass saved at least once in the past by keeping an unwrapped ecryptfs key safely stored, and I'd...
