On the fly encryption of files possible?

David Shaw dshaw at jabberwocky.com
Wed Jun 30 05:11:12 CEST 2010

On Jun 29, 2010, at 5:44 PM, Roscoe <eocsor at gmail.com> wrote:

> On Wed, Jun 30, 2010 at 12:36 AM, Dirk Walter
> <dirk.walter at semanticbits.com> wrote:
>> It would seem like a fairly trivial thing to code, just have whatever
>> is writing the file pipe it to GNUPG with the appropriate settings and
>> write output of gpg to disk. I don't think there if a front end that
>> does it for you though, some custom code seems unavoidable but
>> depending on your precise usecase and language it might just be a line
>> or two.
> I was thinking about this the other day, there are existing FUSE file
> systems which appear to be just frontends to commands.
> I wouldn't have thought a GnuPG FUSE FS would be very hard.

One piece that you're likely to find difficult in a fuse filesystem using GnuPG is that fuse is a more or less straight mapping between the kernel VFS and userspace. That means you need to handle seeking and other out of order reads. Since OpenPGP objects are CFB(ish), you can't seek within them. So on the one hand you have a filesystem interface that requires seeking. On the other hand, you have a storage primitive that cannot seek.

There are a few ways to handle it, but as with most things, the best answer depends on the fine details of your situation.



More information about the Gnupg-users mailing list