I am using the -o xattr option, but my backup tools do not preserve extended attributes. How can I back up the lower files?
Mount with the -o encrypted_view flag and read the files from under the eCryptfs mount point. The files read will be encrypted, and the cryptographic metadata will be in the headers of the encrypted files that are passed through, even if this metadata is actually stored in the extended attribute regions of the lower files. Q. What about filename encryption? The namespace problem arises when we consider the case where two files have the same unencrypted name. This can be a problem when the user does not have the key for every file in any given directory. Imagine, for instance, that Alice creates a file named “meeting_notes.txt” in a shared directory on an NFS server. The filename is encrypted with a key known only to Alice and Carol. Bob then creates a file in the same shared NFS directory and also names it “meeting_notes.txt”, encrypting the filename with another key only known to Bob and Carol. Bob’s eCryptfs client cannot detect the unencrypted filename conflict in the namespace
