On the fly encryption of files possible?

Dirk Walter dirk.walter at semanticbits.com
Tue Jun 29 19:25:04 CEST 2010


On Tue, Jun 29, 2010 at 12:32 PM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> (snip), and so on and so on.  You can probably
> hack together a userspace solution that kind of works, but to do it
> right you really need a kernel driver.

That depends on the source of the files, if you have eg a java app
that is generating the files it would be trivial to pipe it through
gpg, similarly if it is done through an ftp server or something it is
also trivial. I'm not sure how I would deal with multiple sources,
that indeed requires a bit more thought, but usually in these kinds of
use cases you are dealing with a single source for all or most of the
files. That is why usecase details matter.

Also if you are dealing with 10'000 multi gig files a second and it's
highly time critical you'll need loadbalancing and failover between
multiple systems, and kernel drivers etc, although the only case I
could think of where something like this would apply is to collate all
the data from us satellites and transmit it to the people in the
warzone in which case you should have the resources to do it right. If
you are dealing with one or two small files a minute you don't need
that kind of infrastructure.

But even if there are multiple sources I would think about doing
something like the printer demon that picks up files from a given
directory and encrypts them and deletes the source file. Probably want
to put some additional security on that but that again depends on what
the usecase is.



More information about the Gnupg-users mailing list