“CentOS 6 now provides eCryptfs which provides the ability to
encrypt data and files on a per-file basis instead of the entire
disk as in block encryption. The eCryptfs system sits on top of the
current file system to provide the encryption layer, that is why it
is known as the pseudo-file system. The file operations which are
sent to the underlying file system are intercepted by eCryptfs and
encrypted.“This package needs to be installed in order to perform the
encryption.“yum install -y ecryptfs-utils
“Here is the process of mounting a new partition called /data
once it has been created and formatted for ext4. The partition that
was created with ext4 in the example is /dev/sdc1 and then it is
mounted as /data.“mkdir /data
“mount /dev/sdc1 /data
“In order to limit confusion, mount the directory with ecCyptfs
using the underlying partition name. In this case, the directory is
/data so it is mounted as data. Remember, eCryptfs is layer which
is on top of the existing file system. When you mount the directory
you will need to provide several options like passphrase, cipher
and key bytes.”
File System Encryption on CentOS 6
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis