From: Phillip Hellewell <phillip@hellewell.homeip.net>
To: Andrew Morton <akpm@osdl.org>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
viro@ftp.linux.org.uk, mike@halcrow.us, mhalcrow@us.ibm.com,
mcthomps@us.ibm.com, toml@us.ibm.com, yoder1@us.ibm.com,
James Morris <jmorris@namei.org>,
"Stephen C. Tweedie" <sct@redhat.com>,
Erez Zadok <ezk@cs.sunysb.edu>,
David Howells <dhowells@redhat.com>
Subject: [PATCH 2/13: eCryptfs] Documentation
Date: Wed, 3 May 2006 21:35:34 -0600 [thread overview]
Message-ID: <20060504033534.GA28613@hellewell.homeip.net> (raw)
In-Reply-To: <20060504031755.GA28257@hellewell.homeip.net>
This is the 2nd patch in a series of 13 constituting the kernel
components of the eCryptfs cryptographic filesystem.
This patch provides documentation for using eCryptfs.
Signed-off-by: Phillip Hellewell <phillip@hellewell.homeip.net>
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
---
ecryptfs.txt | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 76 insertions(+)
Index: linux-2.6.17-rc3-mm1-ecryptfs/Documentation/ecryptfs.txt
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ linux-2.6.17-rc3-mm1-ecryptfs/Documentation/ecryptfs.txt 2006-05-02 19:36:04.000000000 -0600
@@ -0,0 +1,76 @@
+eCryptfs: A stacked cryptographic filesystem for Linux
+
+eCryptfs is free software. Please see the file COPYING for details.
+For documentation, please see the files in the doc/ subdirectory. For
+building and installation instructions please see the INSTALL file.
+
+Maintainer: Phillip Hellewell
+Lead developer: Michael A. Halcrow <mhalcrow@us.ibm.com>
+Developers: Michael C. Thompson
+ Kent Yoder
+Web Site: http://ecryptfs.sf.net
+
+This software is currently undergoing development. Make sure to
+maintain a backup copy of any data you write into eCryptfs.
+
+eCryptfs requires the userspace tools downloadable from the
+SourceForge site:
+
+http://sourceforge.net/projects/ecryptfs/
+
+Userspace requirements include:
+ - David Howells' userspace keyring headers and libraries (version
+ 1.0 or higher), obtainable from
+ http://people.redhat.com/~dhowells/keyutils/
+ - Libgcrypt
+
+
+NOTES
+
+In the beta/experimental releases of eCryptfs, when you upgrade
+eCryptfs, you should copy the files to an unencrypted location and
+then copy the files back into the new eCryptfs mount to migrate the
+files.
+
+
+MOUNT-WIDE PASSPHRASE
+
+Create a new directory into which eCryptfs will write its encrypted
+files (i.e., /root/crypt). Then, create the mount point directory
+(i.e., /mnt/crypt). Now it's time to mount eCryptfs:
+
+mount -t ecryptfs /root/crypt /mnt/crypt
+
+You should be prompted for a passphrase and a salt (the salt may be
+blank).
+
+Try writing a new file:
+
+echo "Hello, World" > /mnt/crypt/hello.txt
+
+The operation will complete. Notice that there is a new file in
+/root/crypt that is 2 pages (8192 bytes) in size. This is the
+encrypted underlying file for what you just wrote. To test reading,
+from start to finish, you need to clear the user session keyring:
+
+keyctl clear @u
+
+Then umount /mnt/crypt and mount again per the instructions given
+above.
+
+cat /mnt/crypt/hello.txt
+
+
+NOTES
+
+eCryptfs version 0.1 should only be mounted on (1) empty directories
+or (2) directories containing files only created by eCryptfs. If you
+mount a directory that has pre-existing files not created by eCryptfs,
+then behavior is undefined. Do not run eCryptfs in higher verbosity
+levels unless you are doing so for the sole purpose of debugging or
+development, since secret values will be written out to the system log
+in that case.
+
+
+Mike Halcrow
+mhalcrow@us.ibm.com
next prev parent reply other threads:[~2006-05-04 3:35 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-04 3:17 [PATCH 0/12: eCryptfs] eCryptfs version 0.1.6 Phillip Hellewell
2006-05-04 3:27 ` [PATCH 1/13: eCryptfs] fs/Makefile and fs/Kconfig Phillip Hellewell
2006-05-04 3:35 ` Phillip Hellewell [this message]
2006-05-04 7:32 ` [PATCH 2/13: eCryptfs] Documentation Pavel Machek
2006-05-04 12:11 ` Michael Halcrow
2006-05-04 3:36 ` [PATCH 3/13: eCryptfs] Makefile Phillip Hellewell
2006-05-04 3:37 ` [PATCH 4/13: eCryptfs] Main module functions Phillip Hellewell
2006-05-04 3:37 ` [PATCH 5/13: eCryptfs] Header declarations Phillip Hellewell
2006-05-04 14:51 ` Pekka Enberg
2006-05-04 14:58 ` Artem B. Bityutskiy
2006-05-04 15:22 ` Pekka Enberg
2006-05-04 15:29 ` Artem B. Bityutskiy
2006-05-04 15:08 ` Michael Thompson
2006-05-04 3:38 ` [PATCH 6/13: eCryptfs] Superblock operations Phillip Hellewell
2006-05-04 9:55 ` Pavel Machek
2006-05-04 14:02 ` Michael Thompson
2006-05-04 14:26 ` Pekka Enberg
2006-05-04 14:37 ` Pekka Enberg
2006-05-04 15:00 ` Michael Thompson
2006-05-04 15:12 ` Pekka Enberg
2006-05-04 21:40 ` David Howells
2006-05-05 13:12 ` Dave Kleikamp
2006-05-05 14:03 ` David Howells
2006-05-05 14:34 ` Dave Kleikamp
2006-05-05 14:52 ` David Howells
2006-05-05 16:15 ` Timothy R. Chavez
2006-05-04 3:39 ` [PATCH 7/13: eCryptfs] Dentry operations Phillip Hellewell
2006-05-05 16:46 ` Timothy R. Chavez
2006-05-04 3:39 ` [PATCH 8/13: eCryptfs] File operations Phillip Hellewell
2006-05-04 4:06 ` Eric Dumazet
2006-05-05 18:55 ` Timothy R. Chavez
2006-05-04 3:40 ` [PATCH 9/13: eCryptfs] Inode operations Phillip Hellewell
2006-05-04 3:41 ` [PATCH 10/13: eCryptfs] Mmap operations Phillip Hellewell
2006-05-04 15:13 ` Pekka Enberg
2006-05-04 21:43 ` David Howells
2006-05-05 15:22 ` Dave Kleikamp
2006-05-05 15:38 ` Pekka Enberg
2006-05-06 2:21 ` Andrew Morton
2006-05-06 16:00 ` Michael Halcrow
2006-05-06 16:42 ` Andrew Morton
2006-05-06 16:57 ` Linus Torvalds
2006-05-04 3:42 ` [PATCH 11/13: eCryptfs] Keystore Phillip Hellewell
2006-05-04 3:42 ` [PATCH 12/13: eCryptfs] Crypto functions Phillip Hellewell
2006-05-04 3:43 ` [PATCH 13/13: eCryptfs] Debug functions Phillip Hellewell
2006-05-04 20:30 ` Randy.Dunlap
2006-05-04 7:28 ` [PATCH 0/12: eCryptfs] eCryptfs version 0.1.6 Pavel Machek
2006-05-04 12:08 ` Michael Halcrow
2006-05-05 9:05 ` Alon Bar-Lev
2006-05-05 16:08 ` Michael Halcrow
-- strict thread matches above, loose matches on Subject: below --
2006-05-13 3:37 [PATCH 0/13: eCryptfs] eCryptfs Patch Set Phillip Hellewell
2006-05-13 3:41 ` [PATCH 2/13: eCryptfs] Documentation Phillip Hellewell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060504033534.GA28613@hellewell.homeip.net \
--to=phillip@hellewell.homeip.net \
--cc=akpm@osdl.org \
--cc=dhowells@redhat.com \
--cc=ezk@cs.sunysb.edu \
--cc=jmorris@namei.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mcthomps@us.ibm.com \
--cc=mhalcrow@us.ibm.com \
--cc=mike@halcrow.us \
--cc=sct@redhat.com \
--cc=toml@us.ibm.com \
--cc=viro@ftp.linux.org.uk \
--cc=yoder1@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).