Re: About crypt...

C. Scott Ananian (cananian@lcs.mit.edu)
Fri, 22 May 1998 04:25:38 -0400 (EDT)


On Thu, 21 May 1998 James Mastros <root@jennifer-unix.dyn.ml.org> wrote:

> On Thu, 21 May 1998 sybyte@col.psi.br wrote:
> > #mount -t crypt /dev/cryptdev /mnt
> > enter password:foo
> > cript system mounted...
>
> It would probably be cleaner to use a loopback with a "slow and ineficent
> compression" filter. <G> (No, nice ITAR people, no encription hooks
> /here/.) This comes up every now and again on this list.
>
> Anybody know where the newest brand of loopback patches are, and whether
> they are slated for mergeing in 2.3?

*Well*, I maintain a set of crypto patches that are in production use at
various places I've worked, *but* I've got the horrible disadvantage of
living inside a country with draconian export laws.

Last time I brought this up & posted my "add-your-own-crypto" version of
the patch, I got flamed and angrily told that there *was* an *official*
kernel loopback/crypto patch, *much better* than mine and slated for
inclusion in the kernel *Real Soon Now*. Needless to say, that was about
a year ago.

Recently, I heard more rumor of an 'improved modular loop driver' that,
also, was supposed to be integrated into the kernel Real Soon Now. Hmph.

In the meantime, the current loop driver has major SMP problem. I plan to
address that in the next couple of weeks, and continue working on the
assumption that all these New Better Drivers are vaporware, until I
actually see patches available for testing.

Although the loop-driver is probably the fastest encrypted filesystem
option at the moment, there are several other choices, most of which do
some version of NFS loopback. TCFS and CFS are two that leap to mind:
See
http://tcfs.dia.unisa.it//
and
http://www.replay.com/redhat/cfs.html
--Scott
@ @
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-oOO-(_)-OOo-=-=-=-=-=
C. Scott Ananian: cananian@lcs.mit.edu / Declare the Truth boldly and
Laboratory for Computer Science/Crypto / without hindrance.
Massachusetts Institute of Technology /META-PARRESIAS AKOLUTOS:Acts 28:31
-.-. .-.. .. ..-. ..-. --- .-. -.. ... -.-. --- - - .- -. .- -. .. .- -.
PGP key available via finger and from http://www.pdos.lcs.mit.edu/~cananian

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu