From mboxrd@z Thu Jan 1 00:00:00 1970 From: rminnich@gmail.com (ron minnich) Date: Tue, 29 Mar 2011 08:06:14 -0700 Subject: [9fans] Encrypting file systems In-Reply-To: <86wrjivvi9.fsf@cmarib.ramside> References: <86wrjivvi9.fsf@cmarib.ramside> Message-ID: Topicbox-Message-UUID: c2f96fea-ead6-11e9-9d60-3106f5b1d025 I've got a rejected-by-usenix paper somewhere about writing a 9p encryption fs which you could stack on anything that served 9p: exportfs, fossil, tarfs, whatever. It essentially attached to a 9p server, you set the key, it encrypted/decrypted the data as it wrote to its server. The neat thing about such an encrypting server is you can stack it anywhere you have 9p server, which is quite fun; you can even stack it over another instance of itself. You don't need to be root to use it. You can pick an arbitrary key and don't have to share it with anyone. And so on. I have no idea where it is at this point. maybe you can take cfs and make encrypting? ron