Gentoo Wiki


Kernel Configuration

First of all we need configure our Kernel for eCryptfs. We need crypto API support with at least one symmetric key cipher, key retention support and eCryptfs layer support.

Linux Kernel Configuration: eCryptfs
Code maturity level options  --->
 [*] Prompt for development and/or incomplete code/drivers
Security options  --->
 <M> Enable access key retention support
Cryptographic options  --->
 <M>   MD5 digest algorithm
 <M>   AES cipher algorithms

File systems  --->
 Miscellaneous filesystems  --->
   <M> eCrypt filesystem layer support (EXPERIMENTAL)

Build an reboot with your new Kernel.

Install userspace tools

We need to unmask some packages:

# echo "sys-fs/ecryptfs-utils ~x86" >> /etc/portage/package.keywords
# echo "sys-apps/keyutils ~x86" >> /etc/portage/package.keywords

Than we can emerge the userspace tools:

# emerge ecryptfs-utils

Encrypt a directory

# mkdir /secret
# mount -t ecryptfs /secret /secret
Retrieved from ""

Last modified: Tue, 02 Sep 2008 23:39:00 +0000 Hits: 2,710