Untrusting Everyone
04 Apr 2016As we’re often reminded, trust is bad. So I’d like something that lets me avoid trusting cloud storage providers to keep my data safe. I mean, they can try, but I’ll help them :D
Preliminaries
As far as encryption goes, (and in this context, hardware encryption wont do), we’re looking at file-system based encryption. I’m choosing ecryptfs:
sudo apt-get install ecryptfs-utils
So time to make this utility do what i want, some wierd behaviour:
- By default, it mounts a secure partition on login, using the users auth key
- Double-layer passwords, the encryption passphrase is wrapped by the auth passphrase
- Maximum of one encrypted share per user