@wlxing: Sorry didn't see the notification until now. But actually when i worked on this years ago it was for a SOHO demo project with desktop clients bound via LAN to a centralized NFS Server for keeping clients dump and still having encryption. In the end for production we switched to laptops with no realm integration, gave up on LAN dependency and just did push backups of eCryptFS encrypted files. Didn't try to integrate eCryptFS over NFS any further since then :(
In server scenarios eCryptFS would be still a nice way of interactively working with file based encryption on remote storage. EncFS is doomed and using GPG is non-interactive. The idea of streaming a big file through remote storage protocols and looping on top it with either LUKS or Ext4 encryption doesn't seem too fancy although it worked when i tested it briefly with LUKS and btrfs.
@kirkland @tyhicks Guess you're guys quite busy with a lot of stuff at Canonical ;) But do you have an short update on this? Or do you know any alternative to eCryptFS for using file level based encryption on remote storage through the mentioned protocols?
@wlxing: Sorry didn't see the notification until now. But actually when i worked on this years ago it was for a SOHO demo project with desktop clients bound via LAN to a centralized NFS Server for keeping clients dump and still having encryption. In the end for production we switched to laptops with no realm integration, gave up on LAN dependency and just did push backups of eCryptFS encrypted files. Didn't try to integrate eCryptFS over NFS any further since then :(
In server scenarios eCryptFS would be still a nice way of interactively working with file based encryption on remote storage. EncFS is doomed and using GPG is non-interactive. The idea of streaming a big file through remote storage protocols and looping on top it with either LUKS or Ext4 encryption doesn't seem too fancy although it worked when i tested it briefly with LUKS and btrfs.
@kirkland @tyhicks Guess you're guys quite busy with a lot of stuff at Canonical ;) But do you have an short update on this? Or do you know any alternative to eCryptFS for using file level based encryption on remote storage through the mentioned protocols?