From Fedora Project Wiki

< Disk and File Encryption

Revision as of 04:48, 10 February 2019 by Kongdeyuan (talk | contribs) (Update translations)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)



全盘加密透明加密整个块设备/分区/光盘。 在硬件被盗的情况下,这可能是最安全的选择。

可以在安装时选择全盘加密,也可以随时将其添加到(n)个附加USB插件设备 - 请参阅磁盘加密文档。 可以使用循环设备(文件中的加密块设备),在文件分配和每用户设置方面提供更大的灵活性,但需要手动设置,并且测试不够好。


These are easier to activate in an already installed system and also easier to setup on a per-user basis as they are mounted over existing filesystems. They may support private per-user encrypted directories which can be transparently mounted at login time and private mounts.

This encryption method typically has the drawback that is possible to deduce lots of metadata such as number of files, their approximate sizes, permissions, changes and possibly more.

  • eCryptfs
  • EncFS