PEFS (Private Encrypted File System) is a kernel level stacked cryptographic
filesystem for FreeBSD.
PEFS website: http://pefs.io/
The following is a list of its most important features:
* Kernel level file system, no user level daemons needed. Transparently runs
on top of existing file systems.
* Random per file tweak value used for encryption, which guaranties different
cipher texts for the same encrypted files.
* Saves metadata only in encrypted file name, but not in file itself.
* Supports arbitrary number of keys per file system, default directory key,
mixing files encrypted with different keys in same directory.
* Allows defining key chains, can be used to add/delete several keys by
specifying only master key.
* Uses modern cryptographic algorithms: AES and Camellia in XTS mode,
PKCS#5v2 and HKDF for key generation.
FreeBSD wiki page: http://wiki.freebsd.org/PEFS
blog: http://glebkurtsou.blogspot.com/search/label/pefs
Installation instructions:
# git clone git://github.com/glk/pefs.git pefs
# cd pefs
# make obj all
# make install
# make clean