If I enable filename encryption in eCryptfs, when I unmount the filesystem all my files have names which start with "ECRYPTFS_FNEK_ENCRYPTED". I understand the need for the file system to have a signature in the filename which it can use to identify a filename as encrypted, but I would like to use something more discreet. Is there a way that I can change what this string is so that there aren't a bunch of files on the filesystem boldly listed as "ENCRYPTED"? It seems like this could easily be a mount option but if there is one I am missing it. Is there something somewhere else, like a PAM configuration file I can use?
Asked
Active
Viewed 144 times
1 Answers
2
The prefix is a constant in the kernel source:
fs/ecryptfs/ecryptfs_kernel.h
188:#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
189:#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
It may just be a matter of editing those constants, recompiling the ecryptfs kernel module, and loading that.
JoL
- 4,735