Encrypting and decrypting directories under Linux

rhkelly rhkelly at myrealbox.com
Sat Dec 27 20:48:03 CET 2003

Dennis Lambe Jr. wrote:

> On Sat, 2003-12-27 at 08:38, Bartek Matosiuk wrote:
>>I'd like to ask the question: is this possible to encrypt and decrypt 
>>whole directories under linux using GnuPG. I'm right now working on the 
>>idea of securing users home directories  using some exisitng encryption 
>>method. PGP keys looks like interesting method for me but I don't know 
>>if my idea can be physicaly performed.

> From whom are you trying to secure the directories?

Good question, better advice, but two warnings are in order:

> If you're trying to secure one user's home directory from another, file
> permissions are the easiest way to go, and work fine if you keep up with
> security patches.
Assuming that the other user can not boot the computer from a floppy
(CD, USB flash 'drive'...).

> If you're trying to secure the entire /home tree from a remote attacker,
> close all unneccessary ports, install a firewall, and keep up with
> security patches.
Assuming you have the necessary confidence that all those steps
are correct, timely and complete. This is very difficult, even for
an experienced sysadmin. Practically impossible for an avarage user.

Roger K.

More information about the Gnupg-users mailing list