3

If I enable filename encryption in eCryptfs, when I unmount the filesystem all my files have names which start with "ECRYPTFS_FNEK_ENCRYPTED". I understand the need for the file system to have a signature in the filename which it can use to identify a filename as encrypted, but I would like to use something more discreet. Is there a way that I can change what this string is so that there aren't a bunch of files on the filesystem boldly listed as "ENCRYPTED"? It seems like this could easily be a mount option but if there is one I am missing it. Is there something somewhere else, like a PAM configuration file I can use?

Improve this question

1 Answer 1

Reset to default
2

The prefix is a constant in the kernel source:

fs/ecryptfs/ecryptfs_kernel.h
188:#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
189:#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24

It may just be a matter of editing those constants, recompiling the ecryptfs kernel module, and loading that.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.