eCryptfs
| Original author(s) | Michael Halcrow, IBM LInux Technology Center, Erez Zadok, Michael Halcrow |
|---|---|
| Developer(s) | Tyler Hicks, Dustin Kirkland |
| Initial release | November 30, 2006 |
| Stable release | 104 / January 23, 2014 |
| Development status | Active |
| Written in | C |
| Operating system | Linux |
| Platform | Linux kernel |
| Type | filesystem, encryption |
| License | GPL v2+ |
| Website |
ecryptfs |
eCryptfs (Enterprise Cryptographic Filesystem) is a package of disk encryption software for Linux. It is implemented as a POSIX-compliant filesystem-level encrypted file system that has been part of the Linux Kernel since version 2.6.19. The eCryptfs package has been included in Ubuntu since version 9.04 and is used to implement Ubuntu's 'Encrypted Home' feature,[1] which provides an easy-to-use method for Ubuntu users to encrypt their home directories.
Filesystem-level encryption has certain advantages and disadvantages over full disk encryption. Whereas full disk encryption works at the block-level, requiring an additional file system to be mounted over the top in its own partition, filesystem-level encryption can exist within an existing partition, requiring no specific block area to be set aside for its use.[2] It also allows for encryption to be applied selectively on a per-file or per-directory basis.
A disadvantage of filesystem-level encryption is that it can impose limitations on file-and-directory naming. Normally Linux file-systems support file names of up to 255 characters, but when using eCryptfs that reduces to a limit of 144 characters, which has been reported to cause problems by some users in bug reports.[3] This is due to the way eCryptfs is implemented on top of the file-system.
History
eCryptfs is derived from Erez Zadok's Cryptfs.[4]
See also
- Disk encryption
- Full disk encryption
- Disk encryption software
- Comparison of disk encryption software
- EncFS
- dm-crypt
- FileVault
- Encrypting File System