# e4crypt is driving me nuts

## toralf

I do have a user "tor" (no login shell) and an already filled directory /var/lib/tor/data. Now I'd like to encrypt that directory an a way, that [1] can be used to decrypt it. By no way I get it till now. I must admit I do not have any experiences in ext4 encryption.

Does anybody has a working way to achieve the goal ?

[1] https://github.com/toralf/torutils/blob/master/unlock_tor.sh

----------

## axl

why not use what normal humans use? luks fs / cryptsetup.

----------

## Hu

axl: ext4 encryption can be done on a per-directory basis.  Toralf presumably has an ext4 filesystem mounted either at /var or at / that has, as one of its subdirectories, the directory he wants to encrypt.  If he used a LUKS based design, he would need a separate filesystem just for that directory.  He would need to reserve in advance enough space for that directory to grow to the maximum size he wants to allow, and that reservation would not be usable by any other part of /var, even when the encrypted directory is empty.

----------

## toralf

 *Hu wrote:*   

> axl: ext4 encryption can be done on a per-directory basis.  Toralf presumably has an ext4 filesystem mounted either at /var or at / that has, as one of its subdirectories, the directory he wants to encrypt.  If he used a LUKS based design, he would need a separate filesystem just for that directory.  He would need to reserve in advance enough space for that directory to grow to the maximum size he wants to allow, and that reservation would not be usable by any other part of /var, even when the encrypted directory is empty.

 Indeed.

Update

Seems that the issue is either due to my lack in knowledge - OTOH the whole encryption changes in 4.8. - will see, if the same commands will work then.

----------

