# Alternative to loop device for encryption?

## DToNAToR

I want to be able to store several "homes" separately and encrypted for different users, each in a different, password-encrypted filesystem image.

Each user will have such a file on an unencrypted partition, containing a filesystem mounted only when he logs in with pam_mount.

So far so good, but from what I understand, this image's filesystem cannot be journaled. What are my alternatives then?

Does this really matter, when the real partition holding my user's images is journaled?

----------

## geki

No idea if that is an alternative for you:

http://gentoo-portage.com/sys-fs/ecryptfs-utils

Ubuntu uses that to encrypt HOME optionally.

----------

## DToNAToR

Care to point me to detailed documentation (preferably Gentoo-oriented) on how to actually use it in my case rather than

`mount -t ecryptfs /dir /dir`

?

----------

## Anarcho

Why should there be a problem with journaling in the encrypted containers?

But what I did is use an LVM partition which contains logical volumes for every user. These volumes follow the naming `vg_home_$USER` and I mount them using pam_mount on login. Works like a charm, especially on my Core i7 laptop with Intel's AES-NI on my Intel Postville SSD. I have AES 256-bit encryption and can read up to 240 MB/s from the encrypted drive (without AES-NI I have 120 MB/s).

----------
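The per-user LVM layout Anarcho describes, sketched as an added example that is not part of any post in this thread: a dry-run script that prints the provisioning commands and the matching pam_mount `<volume>` entry, refusing user names that could alter a device path. The volume group name `vg0`, the mapper name `home_$USER`, ext4 inside the container, and all function names are assumptions; only the `vg_home_$USER` naming comes from the thread.

```shell
#!/bin/sh
# Added example: dry-run planner, prints commands instead of running them.
LC_ALL=C; export LC_ALL   # byte-wise ranges in the patterns below
VG=vg0                    # assumed volume group name (not from the thread)

# Accept only conservative login names, so a name can never smuggle
# path separators or shell metacharacters into a device path.
valid_user() {
    case "$1" in
        ""|*[!a-z0-9_-]*|[!a-z_]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

lv_name() { printf 'vg_home_%s' "$1"; }                  # naming from the thread
lv_path() { printf '/dev/%s/%s' "$VG" "$(lv_name "$1")"; }

# Print the commands an admin would run as root to provision one home.
plan_home() {   # usage: plan_home USER SIZE   (SIZE like 20G)
    valid_user "$1" || { echo "refusing unsafe user name" >&2; return 1; }
    case "$2" in ""|*[!0-9GMT]*) echo "bad size" >&2; return 1 ;; esac
    dev=$(lv_path "$1")
    map="home_$1"           # assumed device-mapper name
    printf '%s\n' \
        "lvcreate -L $2 -n $(lv_name "$1") $VG" \
        "cryptsetup luksFormat $dev" \
        "cryptsetup open $dev $map" \
        "mkfs.ext4 /dev/mapper/$map" \
        "cryptsetup close $map"
}

# Emit the matching pam_mount.conf.xml <volume> element for one user.
pam_volume() {
    valid_user "$1" || return 1
    printf '<volume user="%s" fstype="crypt" path="%s" mountpoint="/home/%s" />\n' \
        "$1" "$(lv_path "$1")" "$1"
}

plan_home alice 20G   # constructed sample user and size
pam_volume alice
```

pam_mount hands the login password to the mount helper, so the LUKS passphrase has to match it for the volume to unlock at login. The ext4 filesystem created inside the mapped device keeps its own journal.

----------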

## DToNAToR

Thanks! Did not think of using LVM. Will definitely try.

----------

## boerKrelis

I can recommend ecryptfs. It seems like a good fit for your situation, scales nicely, and works much better for incremental backups (backing up a gigabyte blob because the user flipped two bits seems... inefficient).

----------

## DToNAToR

I still can't find worthy documentation for ecryptfs.

The one on their site is very partial ...

----------

