简单的示例
1 创建一个目录
[jianlee@dev3-196 ~]$ mkdir -v .Secret mkdir: 已创建目录 “.Secret”
2 挂载目录
[jianlee@dev3-196 ~]$ sudo /sbin/modprobe ecryptfs
[jianlee@dev3-196 ~]$ sudo mount -t ecryptfs .Secret/ .Secret/
Select key type to use for newly created files:
1) openssl
2) passphrase
Selection: 2
Passphrase:
Verify Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (loaded)
2) blowfish: blocksize = 8; min keysize = 4; max keysize = 56 (loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (loaded)
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (loaded)
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
7) des: blocksize = 8; min keysize = 8; max keysize = 8 (loaded)
Selection [aes]: 1
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]: 1
Enable plaintext passthrough (y/n): y
Attempting to mount with the following options:
ecryptfs_passthrough
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=15fcaf567284073f
Mounted eCryptfs
[jianlee@dev3-196 ~]$ df -h
文件系统 容量 已用 可用 已用% 挂载点
/dev/mapper/VolGroup00-LogVol00
13G 6.3G 5.7G 53% /
/dev/sda1 99M 31M 64M 33% /boot
tmpfs 506M 0 506M 0% /dev/shm
/secret 13G 6.3G 5.7G 53% /secret
/home/jianlee/.Secret
13G 6.3G 5.7G 53% /home/jianlee/.Secret
3 现在创建一个文件,再查看一下,正常。
[jianlee@dev3-196 ~]$ dmesg > .Secret/dmesg.log [jianlee@dev3-196 ~]$ tail -2 .Secret/dmesg.log SELinux: initialized (dev ecryptfs, type ecryptfs), uses xattr SELinux: initialized (dev ecryptfs, type ecryptfs), uses xattr
4 卸载这个目录,在查看,就是乱码了:
[jianlee@dev3-196 ~]$ sudo umount .Secret/ [jianlee@dev3-196 ~]$ tail -2 .Secret/dmesg.log >R(��;z��Щl�-Fal�[jianlee@dev3-196 ~]$
