From: Reindl Harald Date: February 5 2013 2:20pm Subject: Re: file level encryption on mysql List-Archive: http://lists.mysql.com/mysql/228926 Message-Id: <51111546.90107@thelounge.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2NAQSJIIDHBCUELJGMSNC" ------enig2NAQSJIIDHBCUELJGMSNC Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable you have to encrypt them in the application and make the key stored as safe as possible, however for a full intrution there is no way to protect data which can not be only hashed somewhere you need the information how to encrypt them Am 05.02.2013 15:18, schrieb Mike Franon: > I tried all these methods and you are right this is not going to work f= or us. >=20 > I am not a developer, does anyone have any good links or reference to > the best way I can share with my developers on best way to encrypt and > decrypt personal user info. >=20 > We do not store credit cards, but want to store 3 tables that have > email address, ip address, and personal info. >=20 > On Sun, Feb 3, 2013 at 12:57 PM, Reindl Harald = wrote: >> >> >> Am 03.02.2013 18:52, schrieb Mike Franon: >>> Hi, >>> >>> I was wondering what type of encryption for linux would you recommend= >>> to encrypt the database files on the OS level? I had a hard time >>> starting the database after I moved it to a partiton with encryptFS >>> >>> I only need 3 tables encrypted and know it is better to do it from th= e >>> application, but unfortunately that cannot happen for a while. >>> >>> Has anyone done OS file level encryption, and if so which one did the= y use? >> >> https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS >> >> but this all is useless in case of intrusion because the FS >> is unlocked and you have no gain - FS encryption only matters >> if your notebook or disks get stolen which is unlikely on a server ------enig2NAQSJIIDHBCUELJGMSNC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlERFUYACgkQhmBjz394Anlv4ACfYZB967J6ydJUyoVCDCnU4RMc w/QAoJeDsi7wM8kUmYORJhe0sWP9UZs1 =+pvl -----END PGP SIGNATURE----- ------enig2NAQSJIIDHBCUELJGMSNC--